WO2019094303A1 - Systèmes et procédés pour mettre en œuvre une transformation homomorphique évolutive et efficace de données chiffrées avec une expansion de données minimale et une efficacité de traitement améliorée - Google Patents

Systèmes et procédés pour mettre en œuvre une transformation homomorphique évolutive et efficace de données chiffrées avec une expansion de données minimale et une efficacité de traitement améliorée Download PDF

Info

Publication number
WO2019094303A1
WO2019094303A1 PCT/US2018/059058 US2018059058W WO2019094303A1 WO 2019094303 A1 WO2019094303 A1 WO 2019094303A1 US 2018059058 W US2018059058 W US 2018059058W WO 2019094303 A1 WO2019094303 A1 WO 2019094303A1
Authority
WO
WIPO (PCT)
Prior art keywords
data
encrypted
yield
plaintext
plaintext data
Prior art date
Application number
PCT/US2018/059058
Other languages
English (en)
Inventor
Sherjil Ahmed
Original Assignee
Sherjil Ahmed
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from US15/805,916 external-priority patent/US10333696B2/en
Application filed by Sherjil Ahmed filed Critical Sherjil Ahmed
Publication of WO2019094303A1 publication Critical patent/WO2019094303A1/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/008Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving homomorphic encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0894Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage

Definitions

  • Patent Application No. 15/782, 109 entitled “ Systems and Methods for Implementing an Efficient, Scalable Homomorphic Encryption with Minimal Data Expansion and Improved Processing
  • the present specification generally relates to the field of encryption, and more specifically to a fully homomorphic encryption (FHE) system that can homomorphically transform encrypted data in a manner that is scalable, rapid, inexpensive, difficult to invert or break, enables various types of public and/or private key generation protocols and is semantically secure. It is equally important for FHE system to be able to process encrypted data efficiently without requiring excessive amounts of computing power or memory relative to the processing of the underlying encrypted data.
  • FHE fully homomorphic encryption
  • Cloud computing provides almost unlimited computing power to its users. It also provides other potential benefits to users in terms of instant availability, scalability and resource sharing.
  • Cloud service provides offer the following cloud services to users which includes online file storage (for example, Dropbox), social networking sites (for example, Facebook), webmail (for example, Gmail), and online business application (for example, Brokerage).
  • Dropbox online file storage
  • social networking sites for example, Facebook
  • webmail for example, Gmail
  • Brokerage online business application
  • Encryption of data could solve this issue, but if the clients want to manipulate their encrypted data in the cloud, they have to share the secret key with cloud provider to decrypt it before executing the required operations.
  • the encrypted data is transmitted back from the cloud to a client side, decrypted at the client side to process the resulting unencrypted data. This approach leads to several security issues as the cipher text is continuously exposed. Furthermore, if the computations are performed at the client side, the main objective of using the cloud computing is not achieved.
  • Homomorphic encryption is an appropriate solution to solve security issues, such as those related to cloud computing, since its schemes enable the performing of computations on encrypted data without sharing the secret key needed to decrypt the data.
  • a homomorphic encryption system if one encrypts plaintext data (Pi) to yield encrypted data (Ei), and then applies the same function to encrypt P 2 to get E 2 it follows that if E 3 is computed through a specific polynomial function of Ei and E 2 , and, when decrypted, yields P 3 , then the same polynomial function applied to Pi and P 2 , would result in P 3 .
  • Homomorphic encryption can be categorized under three types of schemes with respect to the number of allowed operations on the encrypted data as follows: 1) Partially Homomorphic Encryption (PHE) allows only one type of operation with an unlimited number of times (that is, no bound on the number of usages); 2) Somewhat Homomorphic Encryption (SHE) allows a restricted set of operations a limited number of times, and 3) Fully Homomorphic Encryption (FHE) allows unlimited number of operations with unlimited number of times.
  • PHE Partially Homomorphic Encryption
  • SHE Somewhat Homomorphic Encryption
  • FHE Fully Homomorphic Encryption
  • U.S. Patent No. 8,565,435, issued on October 22, 2013 to International Business Machines Corporation discloses a partial homomorphic encryption and decryption method.
  • the disclosed partial homomorphic system has numerous disadvantages that prevent it from being practically useful.
  • the partial homomorphic system is not homomorphic for operations other than multiplication and addition. Additionally, for the number of multiplication operations or the number of addition operations it is capable of doing, it is highly limited, resulting in only a SHE system.
  • the disclosed partial homomorphic system attempts to mimic a fully homomorphic encryption system by using a technique called bootstrapping.
  • bootstrapping a user homomorphically encrypts the key along with the message and when the ciphertext degrades as a result of too many addition or multiplication operations, the ciphertext is decrypted and then re- encrypted to remove the degradation. This dramatically increases the amount of memory, time, and processing needed to use the encrypted data.
  • a bottoms-up approach to developing an FHE scheme involves: choosing a well- defined and intensively researched hard mathematical problem. Based on this difficult mathematical problem, the following components need to be developed: Designing and Analysis of Key Generation Function, Designing and Analysis of Encryption Function, Designing and Analysis of Decryption Function, and Designing and Analysis of Evaluation Functions on encrypted data.
  • This approach also requires addressing the following issues: development of security proof of the FF£E scheme, and implementation of the FF£E scheme on different hardware platforms with timing benchmarks.
  • This approach for the designing of the FF£E scheme requires considerable time and effort.
  • a challenge is for the security of the FHE scheme to stand a test of time. The cryptographic community spends years with a new cryptosystem before the community and the industry accepts the system as secure.
  • a homomorphic encryption method that is scalable, can be used to rapidly and efficiently encrypt and decrypt, can also be used to rapidly and efficiently process encrypted data and can also operate over more than multiplication and addition, while at the same time being conservative with its need for computational space and processing power.
  • the encryption function also needs to be very difficult to invert or break, while also allowing for various types of public and/or private key generation protocols to be supported without undermining homomorphism, speed, memory use, complexity or semantic security.
  • the present specification discloses a method of transforming plaintext, having a plurality of elements, into ciphertext, wherein the ciphertext is homomorphically encrypted with respect to certain functions, particularly multiplication and addition operations, the method being performed on a processor executing a plurality of instructions.
  • the present specification discloses an encryption system comprising a computing device, wherein said computing device comprises at least one processor coupled to a memory and wherein said memory comprises instructions executable by the at least one processor to: receive a first plaintext data; modify the first plaintext data to yield second plaintext data; encrypt the second plaintext data in a first encryption format to generate a first encrypted data; receive a request to perform a computation; transform the computation into a homomorphic operation based on the first encryption format, wherein said homomorphic operation is different from the computation; apply the homomorphic operation to the first encrypted data to generate a second encrypted data; decrypt the second encrypted data using a first decryption format corresponding to the first encryption format to yield a third plaintext data; and modify the third plaintext data to generate fourth plaintext data, wherein said fourth plaintext data is equivalent to plaintext data generated by applying said computation to the first plaintext data.
  • the second encrypted data does not occupy more than 4 times nlog(n) of said memory relative to the first encrypted data and wherein n is equal to the number of said plurality of bits.
  • the first encryption format is at least one of RSA, Goldwasser-Micali, El- Gamal, Benaloh, and Paillier.
  • the computation is at least one of a multiplication operation, subtraction, division and addition operation.
  • transforming the computation to yield a homomorphic operation comprises redefining an addition operation as at least one multiplication operation.
  • the homomorphic operation requires no more than 10 times more processing cycles, executed by said processor, than the computation applied to the first plaintext data.
  • transforming the computation to yield a homomorphic operation comprises redefining a multiplication operation as at least one exponentiation operation.
  • transforming the computation to yield a homomorphic operation comprises redefining a subtraction operation as at least one division operation.
  • transforming the computation to yield a homomorphic operation comprises redefining a division operation as at least one root operation.
  • the first plaintext data is modified by identifying a prime number that is less than an integer representative of the first plaintext data and that is on a predefined list of prime numbers, subtracting the prime number from the integer to yield a remainder, and repeating with said remainder to yield a plurality of prime numbers.
  • the second plaintext data is generated by multiplying said plurality of prime numbers together.
  • the third plaintext data is modified by identifying a prime number that is less than an integer representative of the third plaintext data and that is on a predefined list of prime numbers, dividing the integer using the prime number to yield a remainder, and repeating with said remainder to yield a plurality of prime numbers.
  • the fourth plaintext data is generated by adding said plurality of prime numbers together.
  • the first plaintext data is at least one of voice, face and fingerprint data of individuals.
  • the first plaintext data is data collected by IoT (Internet of Things) devices in a decentralized system.
  • IoT Internet of Things
  • first plaintext data comprises private blockchain data.
  • the present specification discloses a method of homomorphically manipulating encrypted data in a computer having at least one processor coupled to a memory, wherein said memory comprises instructions executable by the at least one processor, the method comprising: in said computer, receiving a first encrypted data, wherein said first encrypted data is generated by applying a first encryption format to a first plaintext data; in said computer, receiving a request for a computation to be performed on the first encrypted data; in said computer, transforming said computation into a homomorphic operation based on the first encryption format, wherein said homomorphic operation is different from the computation; and in said computer, applying the homomorphic operation to the first encrypted data to yield second encrypted data, wherein the second encrypted data does not occupy more than 4 times nlog(n) of said memory relative to the first encrypted data and wherein n is equal to the number of said plurality of bits.
  • the first encryption format is at least one of RSA, Goldwasser-Micali, El- Gamal, Benaloh, and Paillier.
  • transforming the computation to yield a homomorphic operation comprises redefining an addition operation as at least one multiplication operation.
  • the homomorphic operation requires no more than 10 times more processing cycles, executed by the processor, than the computation applied to the first plaintext data.
  • transforming the computation to yield a homomorphic operation comprises redefining a multiplication operation as at least one exponentiation operation.
  • transforming the computation to yield a homomorphic operation comprises redefining a subtraction operation as at least one division operation.
  • transforming said computation to yield a homomorphic operation comprises redefining a division operation as at least one root operation.
  • the method further comprises receiving a plaintext data and generating first plaintext data from the plaintext data by identifying a prime number that is less than an integer representative of the plaintext data and that is on a predefined list of prime numbers, subtracting the prime number from the integer to yield a remainder, repeating with said remainder to yield a plurality of prime numbers, and multiplying said plurality of prime numbers together.
  • the method further comprises decrypting the second encrypted data using a first decryption format corresponding to the first encryption format to yield a third plaintext data.
  • the method also comprises modifying the third plaintext data to generate fourth plaintext data, wherein said fourth plaintext data is equivalent to output plaintext data that would have been generated by directly applying said computation to the plaintext data.
  • the method further comprises modifying the third plaintext data to generate fourth plaintext data by identifying a prime number that is less than an integer representative of the third plaintext data and that is on a predefined list of prime numbers, dividing the integer using the prime number to yield a remainder, repeating with said remainder to yield a plurality of prime numbers, and adding said plurality of prime numbers together.
  • the first plaintext data is at least one of voice, face and fingerprint data of individuals.
  • the first plaintext data is data collected by IoT (Internet of Things) devices in a decentralized system.
  • IoT Internet of Things
  • first plaintext data comprises private blockchain data.
  • the present application discloses an encryption method executed in a computing device, wherein said computing device comprises at least one processor coupled to a memory and wherein said memory comprises instructions executable by the at least one processor, said encryption method comprising: 1) receiving a first plaintext data; 2) modifying the first plaintext data to yield second plaintext data, wherein the first plaintext data is modified by identifying a prime number that is less than an integer representative of the first plaintext data and that is on a predefined list of prime numbers, subtracting the prime number from the integer to yield a remainder, repeating with said remainder to yield a plurality of prime numbers, identifying an additional unused prime number not included within the plurality of prime numbers, and multiplying said plurality of prime numbers together; 3) encrypting the second plaintext data in a first encryption format to generate a first encrypted data; 4) receiving a request to perform a computation, wherein said computation is at least one of a multiplication operation, subtraction operation, division operation and addition operation; 5) transforming the computation into a homomorphic operation
  • the second encrypted data does not occupy more than 4 times nlog(n) of said memory relative to the first encrypted data and wherein n is equal to the number of said plurality of bits.
  • the additional unused prime number not included within the plurality of prime numbers is used to decrypt second encrypted data, wherein said second encrypted data has been subject to an exponentiation operation.
  • the present application discloses homomorphic encryption systems, HE systems, as a parameterized family of homomorphic encryption operations with each individual encryption operation defined on a set of natural numbers and returning natural numbers.
  • the HE key structure is directly related to the parameter structure itself and for the case of two natural numbers, K and L as described above, the set D(K, L), or just key, is the set of all pairs of monadic operation, ( i, j ), where i is defined as a permutation of the set ⁇ 1, 2, 3, ... , K ⁇ and j is defined as the permutation of the set ⁇ 1, 2, 3, ... , L ⁇ .
  • K L. Since i and j are permutations over ⁇ 1, 2, 3, ... , K ⁇ , the can be enumerated in a standard Boolean way.
  • Each of these HE encrypted terms, x' and y' is described by two finite sets of prime natural numbers: the additive view of x', AV(x'), the multiplicative view of x', MV(x'), the additive view of y', AV(y'), and the multiplicative view of y', MV(y').
  • the AV(x') primes add or sum together to x and the MV(x') primes multiply together to x' and the AV(y') primes add or sum together to y and the MV(y') primes multiply together to y' .
  • the primes selected can be replaced by the natural numbers that are the indexes of the primes chosen.
  • HE then expresses each prime natural number in any of the sets AV(x), MV(x), AV(y) or MV(y) as a term in the first-order applied language ⁇ where terms in ⁇ are understood to name or describe elements in the algebraic structure ⁇ where,
  • ⁇ N, 0, p(x+K), p(l)*x, p(2)*x, . . . , p(K)*x . . .x*y >, and where N is the set of all natural number, 0 is the natural number zero, 1 is the natural number one, p(x+K) is a family of monadic operations where for each natural number K the monadic operation p(x+K) is defined on the natural numbers such that for any natural number K, p(0+K) is the natural number and for all positive natural numbers, K and x, p(x+K) is the ( x+K)" 1 prime natural number, and x*y is the ordinary binary operation of multiplication.
  • HE(x, D(K.i, L.j)) is then defined to be the product of the primes that arise from the evaluation in ⁇ of the numbers that that were in the multiplicative view (if the operation called for was multiplication) or in the additive view (if the operation called for was addition) of the x' and y' positional numbers.
  • HE(y, D(K.i, L.j)) is defined in a similar way.
  • the recursion used to enumerate the Alpha*, terms is important because it is this construction that canonically positions each of the terms with its arithmetic value.
  • the initial terms in the cardinal and the ordinal enumeration of Alphai, Alphaiand Alphas are shown in FIGS. 1 A, IB and 1C.
  • the core canonical cardinal recursion is shown below.
  • the canonical ordinal recursion is similar but assumes that the value of B(l) is 2 with the other C-Symbols symbols naming the first K odd prime natural numbers:
  • Position(Ci(x, K )) p(l)*Position(x; K);
  • Position(C 2 (x, K )) p(2)*Position(x; K);
  • Position(C 3 (x, K )) p(3)*Position(x; K);
  • Position(C x, K )) p( )*Position(x; K);
  • Position(B((x), K))) p(x+K)*Position(x, K);
  • Position( x * y; K ) Position(x ; K) * UHE(y; K).
  • K L
  • Alpha AlphaL
  • Alpha and AlphaL can be any family of enumerations
  • the encryption complexity is higher if Alpha and AlphaL are different types of enumerations.
  • K is used for the canonical cardinal enumerations of dimension K
  • L in AlphaL is used for the canonical ordinal enumerations of dimension L
  • K is used specifically to distinguish the canonical cardinal enumerations
  • L is used specifically to distinguish the canonical ordinal enumerations besides denoting the dimension.
  • the present specification discloses a secure data sharing system for sharing data among clients comprising: a plurality of client devices in data communication with a server; said server comprising at least one processor coupled to at least one memory device and said memory device comprising instructions executable by the at least one processor to implement the steps of: receiving plaintext data; homomorphically encrypting said plaintext data and storing the homomorphically encrypted data on said memory device; receiving a request from a client device; based upon said request, performing a computation on the homomorphically encrypted data stored in said memory device; decrypting an output of said computation; and providing the decrypted output data to said client device.
  • the present specification discloses a secure data sharing system for sharing data among clients comprising: a plurality of client devices in data communication with a server; said server comprising at least one processor coupled to at least one memory device and said memory device comprising instructions executable by the at least one processor to implement the steps of: receiving a first encrypted data in a first encryption format; homomorphically encrypting said first encrypted data to yield a second encrypted data in a homomorphic encryption format and storing the second encrypted data on said memory device; receiving a request from a client device; based upon said request, performing a computation on the second encrypted data stored in said memory device; decrypting an output of said computation to yield a third encrypted data, wherein said third encrypted data is in the first encryption format and is not in a homomorphic encryption format; and, providing the second encrypted data to said client device.
  • said server is located at a remote location.
  • only authorized client devices are allowed to send request for performing computations on the data stored on the server device.
  • said plaintext data is homomorphically encrypted using a universal homomorphical encryption format.
  • the steps of homomorphically encrypting said plaintext data comprises: receiving, in the memory of the server, plaintext data, said plaintext data comprising a plurality of bits; deriving from the plaintext data a first input integer and a second input integer; accessing a first table stored in the memory of the server, said first table associating a plurality of integers with a plurality of first-order symbolic representations; identifying, in said first table, a first first-order symbolic representation of the first input integer and a second first-order symbolic representation of the second input integer; obtaining from said first table the first-order symbolic representation and the second first-order symbolic representation; accessing a second table stored in the memory of the server, said second table associating a plurality of integers with a plurality of first-order symbolic representations; identifying, in said second table, a third integer associated with the first first-order symbolic representation and a fourth integer associated with the second first-order symbolic representation; obtaining, from said second table, the third integer and fourth integer; access
  • the homomorphically encrypted form of the plaintext data comprises a plurality of node labeled tree representations and wherein each node label tree representation corresponds to an input integer.
  • the first table or the second table is computed and stored in memory prior to initiating the encryption method.
  • the first table or the second table is computed in real time during an execution of said homomorphic encryption method.
  • the data sharing system further comprises performing homomorphic addition by generating a look-up table for a given key, wherein said table comprises data indicative of all possible combinations of the first input integer and second input integer and wherein said data is homomorphically encrypted.
  • the data sharing system further comprises performing homomorphic addition by generating a look-up table for a given key, wherein said table comprises a 1-bit value denoting whether the first input integer is less than the second input integer.
  • the data sharing system is used to implement a secure backend system for an organization.
  • the data sharing system is used to implement a data marketplace comprising confidential data such that the subscribers to that database can only run computations on that data without accessing the original raw data.
  • the data sharing system is used to implement a multi factor authentication system for people such that the authentication data such as voice, face and fingerprint data of people is stored in an encrypted format on said system.
  • the data sharing system is used to implement a blind e-voting system for voters such that the data related to individual votes is stored in an encrypted format on said data storage system.
  • the data sharing system is used to store, manage and use data collected by IoT (Internet of Things) devices in a decentralized system.
  • IoT Internet of Things
  • the data sharing system is used to provide distributed personal data stores wherein data is stored in a homomorphically encrypted format.
  • the data sharing system is used to implement a private blockchain such that the sensitive data within said blockchain is stored in a homomorphically encrypted format.
  • the present specification discloses a method for providing a secured data sharing system comprising: receiving plaintext data; homomorphically encrypting said plaintext data and storing the homomorphically encrypted data on a memory device; receiving a request from an authorized user requiring performing a computation on the homomorphically encrypted data stored in said memory device; performing said computation on said homomorphically encrypted data and decrypting the output of said computation; and providing the decrypted output data to said authorized user.
  • the present specification discloses a method for providing a secured data sharing system comprising: receiving first encrypted data in a first encryption format; homomorphically encrypting said first encrypted data to yield second encrypted data in a homomorphic encryption format and storing the second encrypted data on a memory device; receiving a request from an authorized user requiring performing a computation on the second encrypted data stored in said memory device; performing said computation on said second encrypted data and decrypting the output of said computation to yield third encrypted data in a first encryption format and not in a homomorphic encryption format; and providing the third encryption data to said authorized user.
  • the present specification discloses a secure data sharing system for sharing data among clients comprising: a plurality of client devices in data communication with a server; said server comprising at least one processor coupled to at least one memory device and said memory device comprising instructions executable by the at least one processor to implement the steps of: receiving homomorphically encrypted data from at least one client device and storing the homomorphically encrypted data on said memory device; receiving a request from a client device requiring performing a computation on the homomorphically encrypted data stored in said memory device; performing said computation on said homomorphically encrypted data to generate encrypted output data; and, providing the homomorphically encrypted output data to said client device.
  • a client device is configured to homomorphically encrypt the plaintext data through a private key before uploading the same on the data sharing system.
  • the homomorphically encrypted output data is decrypted by the client device through a public key.
  • said server is located at a remote location.
  • only authorized client devices are allowed to send request for performing computations on the data stored on the server device.
  • said plaintext data is encrypted using a universal homomorphic encryption format.
  • the steps of homomorphically encrypting said plaintext data comprises: receiving, in the memory of the client device, plaintext data, said plaintext data comprising a plurality of bits; deriving from the plaintext data a first input integer and a second input integer; accessing a first table stored in the memory of the client device, said first table associating a plurality of integers with a plurality of first-order symbolic representations; identifying, in said first table, a first first-order symbolic representation of the first input integer and a second first- order symbolic representation of the second input integer; obtaining from said first table the first-order symbolic representation and the second first-order symbolic representation; accessing a second table stored in the memory of the client device, said second table associating a plurality of integers with a plurality of first-order symbolic representations; identifying, in said second table, a third integer associated with the first first-order symbolic representation and a fourth integer associated with the second first-order symbolic representation; obtaining, from said second table, the third integer and fourth
  • the homomorphically encrypted form of the plaintext data comprises a plurality of node labeled tree representations and wherein each node label tree representation corresponds to an input integer.
  • the first table or the second table is computed and stored in memory prior to initiating the homomorphic encryption method.
  • the first table or the second table is computed in real time during an execution of said homomorphic encryption method.
  • the data sharing system further comprises performing homomorphic addition by generating a look-up table for a given key, wherein said table comprises data indicative of all possible combinations of the first input integer and second input integer and wherein said data is encrypted.
  • the data sharing system further comprises performing homomorphic addition by generating a look-up table for a given key, wherein said table comprises a 1-bit value denoting whether the first input integer is less than the second input integer.
  • the data sharing system is used to implement a secure backend system for an organization.
  • the data sharing system is used to implement a multi factor authentication system for people such that the authentication data such as voice, face and fingerprint data of people is stored in an encrypted format on said system.
  • the data sharing system is used to implement a blind e-voting system for voters such that the data related to individual votes is stored in an encrypted format on said data storage system.
  • the data sharing system is used to store, manage and use data collected by IoT
  • the data sharing system is used to implement a private blockchain such that the sensitive data within said blockchain is stored in a homomorphically encrypted format.
  • the present specification discloses a method for providing a secured data sharing system comprising: receiving homomorphically encrypted data; storing said homomorphically encrypted data on a memory device; receiving a request from an authorized user requiring performing computation on the homomorphically encrypted data stored in said memory device; performing computations on said homomorphically encrypted data to generate homomorphically encrypted output data; and, providing the homomorphically encrypted output data to said authorized user.
  • the data is homomorphically encrypted by an authorized user before sending it to the data sharing system.
  • the output data is decrypted by an authorized user after receiving it from the data sharing system.
  • the present specification discloses a method for encrypting plaintext data in a computing device having a processor and memory, said method comprising: receiving, in the memory of the computing device, plaintext data, said plaintext data comprising a plurality of bits; deriving from the plaintext data a first input integer and a second input integer; accessing a first table stored in the memory of the computing device, said first table associating a plurality of integers with a plurality of first-order symbolic representations; identifying, in said first table, a first first-order symbolic representation of the first input integer and a second first-order symbolic representation of the second input integer; obtaining from said first table the first-order symbolic representation and the second first-order symbolic representation; accessing a second table stored in the memory of the computing device, said second table associating a plurality of integers with a plurality of first-order symbolic representations; identifying, in said second table, a third integer associated with the first first-order symbolic representation and a fourth integer associated with the second
  • a first-order symbolic representation of an integer in one of said first plurality of tables may differ from a first-order symbolic representation of said integer in any other of the first plurality of tables.
  • said first plurality of tables defines a cardinal enumeration of dimension K where K is a positive natural number.
  • the second table is partially representative of a key and is one of a second plurality of tables and wherein each entry in each of said second plurality of tables relates an integer to a first-order symbolic representation.
  • the first-order symbolic representation of an integer in one of said second plurality of tables differs from a first-order symbolic representation of said integer in any other of the second plurality of tables.
  • said second plurality of tables defines an ordinal enumeration of dimension L where L is a positive natural number.
  • said second plurality of tables defines an ordinal enumeration of dimension L for encrypting natural numbers in a computing device having a processor and memory, said method comprising: deriving from the first input integer two finite sets of prime natural numbers, a sum of a first of the finite sets being an absolute value of the first input integer and a product of the a second of the finite sets being an absolute value of the first input integer; deriving from the second input integer two finite sets of prime natural numbers, a sum of a first of the finite sets being an absolute value of the second input integer and a product of a second of the finite sets being an absolute value of the second input integer; accessing the second table; obtaining for the two finite sets of prime natural numbers associated with the first input two sets of first-order symbolic representations with the first-order symbolic representations being derived from the finite sets of prime natural numbers; obtaining, for the two sets of first-order symbolic representations, two sets of first-order symbolic representations derived by replacing any indexed symbolic mona
  • the encrypted form of the plaintext data comprises a string of symbols wherein each of said symbols is a node labeled tree representation of an input integer.
  • the encrypted form of the plaintext data comprises a plurality of node labeled tree representations and wherein each node label tree representation corresponds to an input integer.
  • the first table or the second table may be computed and stored in memory prior to initiating the encryption method.
  • the first table or the second table may be computed in real time during an execution of said encryption method.
  • the method may further comprise performing homomorphic addition by generating a look-up table for a given key, wherein said table comprises data indicative of all possible combinations of the first input integer and second input integer and wherein said data is encrypted.
  • the method may further comprise performing homomorphic addition by generating a look-up table for a given key, wherein said table comprises a 1-bit value denoting whether the first input integer is less than the second input integer.
  • the present specification discloses a method for encrypting plaintext data in a computing device having a processor and memory, said method comprising: receiving, in the memory of the computing device, plaintext data, said plaintext data comprising a plurality of bits; deriving from the plaintext data a first input integer and a second input integer; adding a first random number to the first input integer to yield a modified first input integer and adding a second random number to the second input integer to yield a modified second input integer; accessing a first table stored in the memory of the computing device, said first table associating a plurality of integers with a plurality of first-order symbolic representations; identifying, in said first table, a first first-order symbolic representation of the modified first input integer and a second first-order symbolic representation of the modified second input integer; obtaining from said first table the first-order symbolic representation and the second first-order symbolic representation; accessing a second table stored in the memory of the computing device, said second table associating a plurality of integers with
  • the present specification discloses a method for encrypting plaintext data in a computing device having a processor and memory, said method comprising: receiving, in the memory of the computing device, plaintext data, said plaintext data comprising a plurality of bits; deriving from the plaintext data a first input integer and a second input integer; accessing a first table stored in the memory of the computing device, said first table associating a plurality of integers with a plurality of first-order symbolic representations, to identify a first first-order symbolic representation of the first input integer and a second first-order symbolic representation of the second input integer; obtaining the first first-order symbolic representation and the second first-order symbolic representation, wherein said first first-order symbolic representation and said second first-order symbolic representation are encrypted forms of the first input integer and second input integer; repeating said deriving, accessing, and obtaining steps for each bit of said plurality of bits of plaintext data to yield an encrypted form of the plaintext data, wherein the encrypted form of the plaintext data does not
  • the first table is partially representative of a key and is one of a first plurality of tables and wherein each entry in each of said first plurality of tables relates an integer to a first- order symbolic representation.
  • a symbolic representation of an integer in one of said first plurality of tables may differ from a first-order symbolic representation of said integer in any other of the first plurality of tables.
  • said first plurality of tables defines a cardinal enumeration of dimension K where K is a positive natural number.
  • the encrypted form of the plaintext data comprises a plurality of first-order symbolic representations and wherein said plurality of first-order symbolic representations comprises Boolean strings.
  • the encrypted form of the plaintext data may comprise a string of symbols wherein each of said symbols is a node labeled tree representation of an input integer.
  • the first table may be computed and stored in memory prior to initiating the encryption method.
  • the first table may be computed in real time during an execution of said encryption method.
  • the method may further comprise performing homomorphic addition by generating a look-up table for a given key, wherein said table comprises data indicative of all possible combinations of the first input integer and second input integer and wherein said data is encrypted.
  • the method may further comprise performing homomorphic addition by generating a look-up table for a given key, wherein said table comprises a 1-bit value denoting whether the first input integer is less than the second input integer.
  • the present specification discloses a method for encrypting plaintext data in a computing device having a processor and memory, said method comprising: receiving, in the memory of the computing device, plaintext data, said plaintext data comprising a plurality of bits; deriving from the plaintext data a first input integer and a second input integer; adding a first random number to the first input integer to yield a modified first input integer and adding a second random number to the second input integer to yield a modified second input integer; accessing a first table stored in the memory of the computing device, said first table associating a plurality of integers with a plurality of first-order symbolic representations, to identify a first first- order symbolic representation of the modified first input integer and a second first-order symbolic representation of the modified second input integer; obtaining the first first-order symbolic representation and the second first-order symbolic representation, wherein said first first-order symbolic representation and said second first-order symbolic representation are encrypted forms of the first input integer and second input integer; and repeating said deriving, access
  • the present specification discloses a method of programming a credit card using a computing device having a memory, comprising: receiving, in the memory of the computing device, plaintext data, said plaintext data comprising a plurality of bits representing a name, a credit card, and a security code; deriving from the plaintext data a first input integer and a second input integer; accessing a first table stored in the memory of the computing device, said first table associating a plurality of integers with a plurality of first-order symbolic representations, to identify a first first-order symbolic representation of the first input integer and a second first- order symbolic representation of the second input integer; obtaining the first first-order symbolic representation and the second first-order symbolic representation, wherein said first first-order symbolic representation and said second first-order symbolic representation are encrypted forms of the first input integer and second input integer; repeating said deriving, accessing, and obtaining steps for each bit of said plurality of bits of plaintext data to yield an encrypted form of the plaintext data; obtaining a
  • the encrypted form of the plaintext data does not occupy more than 4 times n * log(n) of the memory of the credit card and wherein n is equal to the number of said plurality of bits.
  • the present specification discloses a method of processing encrypted data, said encrypted data being an encrypted form of plaintext data, in a computing device having a processor and memory, said method comprising: receiving, in the memory of the computing device, the encrypted data, wherein said encrypted data comprises a string of symbols, wherein each of said symbols is a node labeled tree representation of an integer; applying at least one string concatenation operation on at least a portion of the encrypted data to yield modified encrypted data, wherein applying the at least one string concatenation operation to the at least a portion of the encrypted data is adapted to be mathematically equivalent to applying an addition and/or multiplication operation on at least a portion of the plaintext data, and wherein applying the at least one string concatenation operation to the at least a portion of the encrypted data requires no more than 10 times more processing cycles, executed by said processor, than said mathematically equivalent addition and/or multiplication operation applied on said portion of the plaintext data; outputting said modified encrypted data; and decrypting said modified encrypted data to yield modified plaintext
  • the method may further comprise performing homomorphic addition by generating a look-up table for a given key, wherein said table comprises data indicative of all possible combinations of a first input integer and a second input integer and wherein said data is encrypted.
  • the method may further comprise performing homomorphic addition by generating a look-up table for a given key, wherein said table comprises a 1-bit value denoting whether a first input integer is less than a second input integer.
  • the method may further comprise performing an operation on said encrypted data that is mathematically equivalent to performing addition on said plaintext data, wherein said operation is a multiplicative operation.
  • the method may further comprise performing an operation on said encrypted data that is mathematically equivalent to performing multiplication on said plaintext data, wherein said operation is an additive operation.
  • the decrypting may comprise: deriving from the modified encrypted data plaintext data a first first-order symbolic representation; accessing a first table stored in the memory of the computing device, said first table associating a plurality of integers with a plurality of first-order symbolic representations, to identify a first output integer associated with the first first-order symbolic representation; obtaining the first output integer, wherein said first output integer is a portion of said modified plaintext data; and repeating said deriving, accessing, and obtaining steps for a remainder of said modified encrypted data to yield the modified plaintext data.
  • the decrypting may comprise: deriving from the modified encrypted data plaintext data a first first-order symbolic representation; accessing a first table stored in the memory of the computing device, said first table associating a plurality of integers with a plurality of first-order symbolic representations, to identify a first output integer associated with the first first-order symbolic representation; obtaining the first output integer; applying a function using a random number associated with the first output integer and the first output integer to yield a modified first output integer, wherein said modified first output integer is a portion of said modified plaintext data; and repeating said deriving, accessing, obtaining, and applying steps for a remainder of said modified encrypted data to yield the modified plaintext data.
  • the decrypting may comprise: deriving from the modified encrypted data plaintext data a first first-order symbolic representation; accessing a first table stored in the memory of the computing device, said first table associating a first plurality of integers with a first plurality of first-order symbolic representations, to identify a first output integer associated with the first first-order symbolic representation; obtaining the first output integer; accessing a second table stored in the memory of the computing device, said second table associating a second plurality of integers with a second plurality of first- order symbolic representations, to identify a second first-order symbolic representation associated with the first output integer; accessing the first table to identify a second output integer associated with the second first-order symbolic representation; obtaining the second output integer, wherein said second output integer is a portion of said modified plaintext data; and repeating said deriving, accessing, and obtaining steps for a remainder of said modified encrypted data to yield the modified plaintext data.
  • the decrypting may comprise: deriving from the modified encrypted data plaintext data a first first-order symbolic representation; accessing a first table stored in the memory of the computing device, said first table associating a first plurality of integers with a first plurality of first-order symbolic representations, to identify a first output integer associated with the first first-order symbolic representation; obtaining the first output integer; accessing a second table stored in the memory of the computing device, said second table associating a second plurality of integers with a second plurality of first- order symbolic representations, to identify a second first-order symbolic representation associated with the first output integer; accessing the first table to identify a second output integer associated with the second first-order symbolic representation; applying a function using the second output integer and a random number associated with the second output integer to yield a modified second output integer, wherein said modified second output integer is a portion of said modified plaintext data; obtaining the modified second output integer, wherein said modified second output integer is a portion of
  • the present specification discloses a method of processing plaintext, having a plurality of elements, in a computing device having a processor and memory, comprising: receiving said plaintext data; and homomorphically encrypting said plaintext data, said homomorphism being with respect to multiplication and addition operations, wherein the encrypted form of the plaintext data does not occupy more than 4 times n * log(n) of the memory of the computing device and wherein n is equal to the number of said plurality of bits.
  • the present specification discloses a method of processing plaintext, having a plurality of elements, in a computing device having a processor and memory, comprising: receiving said plaintext data; and homomorphically encrypting said plaintext data, said homomorphism being with respect to multiplication operations, addition operations, set function operations, Boolean operations, and logical operations, wherein the encrypted form of the plaintext data does not occupy more than 4 times n * log(n) of the memory of the computing device and wherein n is equal to the number of said plurality of bits.
  • the present specification discloses a method of transforming plaintext, having a plurality of elements, into ciphertext, said method being performed on a processor executing a plurality of instructions and wherein, when said plurality of instructions are executed, the process: generates a first set and a second set of node labeled trees, wherein each node in each set of node labeled trees is associated with a prime number; introduces an additional dimension, having a plurality of additional elements, into each of said first set and second set of node labeled trees; associates each node within said first set and second set of node labeled trees with at least one of said additional elements; transforms a first element of said plurality of elements into a first node labeled tree, having an additional element associated therewith, from the first set of node labeled trees; and based upon the first node labeled tree, with said additional element, from the first set of node labeled trees, determines a second node labeled tree, with an associated
  • the additional dimension comprises a plurality of color- based elements.
  • the additional dimension comprises a plurality of wave forms, textures, patterns, or symbols.
  • the present specification discloses a method of generating a plurality of keys for transforming plaintext, having a plurality of elements, into ciphertext, wherein said ciphertext is homomorphically encrypted with respect to multiplication and addition operations, said method being performed on a processor executing a plurality of instructions and wherein, when said plurality of instructions are executed, the process: generates a first set and a second set of node labeled trees, wherein each node in each set of node labeled trees is associated with a prime number; introduces an additional dimension, having a plurality of additional elements, into each of said first set and second set of node labeled trees and associating each node within said first set and second set of node labeled trees with at least one of said additional elements; transforms a first element of said plurality of elements into a first node labeled tree, having an additional element associated therewith, from the first set of node labeled trees; and based upon the first node labeled tree, with
  • the present specification discloses a system for generating and manipulating a plurality of keys for transforming plaintext, having a plurality of elements, into ciphertext, wherein said ciphertext is homomorphically encrypted with respect to a plurality of operations, said system comprising a processor for executing a plurality of instructions and a non- transitory computer readable medium having stored therein a plurality of instructions, where, when the processor executes the plurality of instructions, the system: defines two different natural number algebraic structures (out of many possible), o3 ⁇ 4 (canonical cardinal enumeration) and
  • the present specification discloses a system of transforming plaintext, having a plurality of elements, into ciphertext, wherein said ciphertext is homomorphically encrypted with respect to multiplication and addition operations, said system comprising a processor for executing a plurality of instructions and a non-transitory computer readable medium having stored therein a plurality of instructions, where, when the processor executes the plurality of instructions, the system: generates a first set of node labeled trees, wherein the first set of node labeled trees satisfy a first set of equations; generates a second set of node labeled trees, wherein the second set of node labeled trees satisfy a second set of equations and wherein both the first sets of equations and second set of equations are subsets of a set of parameterized equations; transforms a first element of said plurality of elements into a first node labeled tree from the first set of node labeled trees; and based upon the first node labeled tree from
  • system further comprises using the set of parameterized equations to identify a first model and a second model and determining an intersection of the first model and second model to determine a core model.
  • the system further comprises defining Mod ] y j wherein, for every positive natural number, Modjyjis defined as an algebraic structure based on a plurality of natural numbers.
  • the first set of node labeled trees is determined by choosing a positive natural number K and wherein the second set of node labeled trees is determined by choosing a second positive natural number L, where the number K is less than the number L and where both the first set and second set of node labeled trees are defined as Herbrand models of the parameterized equations.
  • the present specification discloses method of transforming plaintext, having a plurality of elements, into ciphertext, wherein said ciphertext is homomorphically encrypted with respect to the multiplication and addition operations, said method being performed on a processor executing a plurality of instructions and wherein, when said plurality of instructions are executed, the processor: generates a first set of node labeled trees, wherein the first set of node labeled trees satisfy a first set of equations; and generates a second set of node labeled trees, wherein the second set of node labeled trees satisfy a second set of equations and wherein both the first sets of equations and second set of equations are subsets of a set of parameterized equations; transforms a first element of said plurality of elements into a first node labeled tree from the first set of node labeled trees; and based upon the first node labeled tree from the first set of node labeled trees, determines a second node labeled tree from
  • the method further comprises using the set of parameterized equations to identify a first model and a second model and determining an intersection of the first model and second model to determine a core model.
  • the method further comprises defining Mod]yj wherein, for every positive natural number M, Mod]yj is defined as an algebraic structure based on a plurality of natural numbers.
  • an arithmetic structure Mod ⁇ is uniquely isomorphic to the core model.
  • the first set of node labeled trees is determined by choosing a positive natural number K and wherein the second set of node labeled trees is determined by choosing a second positive natural number L, where the number K is less than or equal the number L and where both the first set and second set of node labeled trees are defined as core or Herbrand models of the parameterized equations.
  • the present specification discloses a method of transforming plaintext, having a plurality of elements, into ciphertext, wherein said ciphertext is homomorphically encrypted with respect to multiplication and addition operations, said method being performed on a processor executing a plurality of instructions and wherein, when said plurality of instructions are executed, the processor: generates a first set of node labeled trees and a second set of node labeled trees, wherein each of the first and second set of node labeled trees is associated with a prime natural number defined by a value of symbols in a set of parameterized equations.
  • the present specification discloses a method of transforming plaintext, having a plurality of elements, into ciphertext, wherein said ciphertext is homomorphically encrypted with respect to the multiplication and addition operations, said method being performed on a processor executing a plurality of instructions and wherein, when said plurality of instructions are executed, the processor: generates a first set of node labeled trees, wherein said first set of node labeled trees satisfy a first set of initial conditions; generates a second set of node labeled trees, wherein said second set of node labeled trees satisfy a second set of initial conditions; transforms a first element of said plurality of elements into a first node labeled tree from the first set of node labeled trees; and based upon the first node labeled tree from the first set of node labeled trees, determines a second node labeled tree from the second set of node labeled trees, wherein said generating, transforming, and determining steps results in transforming
  • the first set of node labeled trees is formed by applying a first monadic operation on a plurality of original natural numbers to enumerate a plurality of prime natural numbers. Still optionally, the first set of node labeled trees is formed by generating a plurality of ordered pairs, wherein each of said ordered pairs consists of a single natural number, k, and a finite multiset of odd primes that divide one of said plurality of original natural numbers.
  • the second set of node labeled trees is formed by applying a second monadic operation on a plurality of original natural numbers to enumerate a plurality of prime natural numbers.
  • k is the number of times that the number 2 divides the one of said plurality of original natural numbers.
  • each of the plurality of ordered pairs operates as a first layer of a finite natural number node labeled tree.
  • one coordinate in each of said plurality of ordered pairs defines a root of the finite natural number node labeled tree.
  • said determine a second node step is performed by seeking a position of a form in the second set of node labeled trees which is equivalent to a form of the first node labeled tree in the first set of node labeled trees.
  • the first set of node labeled trees represents a cardinal enumeration of a set of node labeled trees and the second set of node labeled trees represents an ordinal enumeration of a set of node labeled trees.
  • the present specification discloses a method of transforming plaintext, having a plurality of elements, into ciphertext, wherein said ciphertext is homomorphically encrypted with respect to multiplication and addition operations, said method being performed on a processor executing a plurality of instructions and wherein, when said plurality of instructions are executed, the process: generates a first set and a second set of node labeled trees, wherein each node in each set of node labeled trees is associated with a prime number; transforms a first element of said plurality of elements into a first node labeled tree from the first set of node labeled trees; and based upon the first node labeled tree from the first set of node labeled trees, determines a second node labeled tree from the second set of node labeled trees, wherein said generate, transform, and determine steps results in transforming said plaintext into said ciphertext such that it is homomorphically encrypted with respect to multiplication and addition operations.
  • the present specification discloses a system for generating and manipulating a plurality of keys for transforming plaintext, having a plurality of elements, into ciphertext, wherein said ciphertext is homomorphically encrypted with respect to a plurality of operations, said system comprising a processor for executing a plurality of instructions and a non- transitory computer readable medium having stored therein a plurality of instructions, where, when the processor executes the plurality of instructions, the system: uniquely defines a monadic operation defined on the natural numbers such that for any natural number x, a message, UHE(x, k (ij, m n )) is computed by a) representing x using a language of structure P m with term w, b) transforming term u into term v using p(m n ) to permute indexes of term w, c) transforming term v into term w using p(ij) to permute indexes of term v, and
  • a set of k! permutations of the sequence ⁇ 1,2, 3, k> can be alphabetically ordered from 0 to k!-1 with ⁇ 1, 2, 3, k> being given position 0, wherein p(ij) is a j ⁇ permutation of the sequence ⁇ 1, 2, 3, i > and wherein p(m n ) is a nth permutation of the sequence ⁇ 1, 2, 3, m >.
  • the system defines (m ! * i ! ) keys.
  • FIG. 1 A shows the first few Ai terms in both their cardinal and ordinal orderings using a standard subscript notation for the C-Symbols
  • FIG. IB shows the first few A 2 terms in both their cardinal and ordinal orderings using a standard subscript notation for the C-Symbols
  • FIG. 1C shows the first few A 3 terms in both their cardinal and ordinal orderings using a standard subscript notation for the C-Symbols
  • FIG. 2 illustrates a table comparing performance and operational metrics with reference to a typical SHE (Somewhat Homomorphic Encryption), FHE (Fully Homomorphic Encryption) and the UHE (Universal Homomorphic Encryption) system of the present specification;
  • FIG. 3 illustrates a computing system environment for implementing the FHE/UHE processes, in accordance with embodiments of the present specification
  • FIG. 4 illustrates an exemplary cloud-based scenario providing secure storage and computation services
  • FIG. 5 is a flow chart illustrating a plurality of exemplary steps for implementing a cloud based electronic healthcare records system in accordance with an embodiment
  • FIG. 6 is a flow chart illustrating a plurality of exemplary steps for implementing a cloud based financial and/or business compliance, intelligence and decision management system in accordance with an embodiment
  • FIG. 7 illustrates an exemplary client-server topology for enabling an information providing/retrieval service
  • FIG. 8 is a flowchart illustrating a plurality of exemplary steps of a method of securely accessing, querying and processing a customer's bank account with reference to an e-commerce transaction;
  • FIG. 9 is a flowchart illustrating a plurality of exemplary steps of a method of securely accessing, querying and processing a search
  • FIG. 10 is a flowchart illustrating an exemplary encryption process performed by computing devices
  • FIG. 11 is a flowchart illustrating a method of manufacturing a credit card using the encryption processes disclosed herein;
  • FIG. 12 is a flowchart illustrating a method of using a credit card using the encryption processes disclosed herein;
  • FIG. 13 is a flowchart illustrating a method of performing homomorphic filtering using the encryption processes disclosed herein;
  • FIG. 14 is an illustration of a shared data storage system in accordance with an embodiment of the present specification.
  • FIG. 15 shows a flowchart depicting the process followed in the shared database system wherein the data encryption and data decryption are performed on the server;
  • FIG. 16 shows a flowchart depicting the process followed in the shared database system wherein the data encryption and data decryption are not performed on the server;
  • FIG. 17 is a block diagram illustrating a homomorphic processing system operating on ciphertext data, in accordance with an embodiment of the present specification
  • FIG. 18 is a block diagram illustrating a homomorphic processing system operating as a layer between an encryption module and a decryption module of an encryption system, in accordance with an embodiment of the present specification
  • FIG. 19 is a flowchart of a method of homomorphic encryption and processing implemented as a layer between encryption and decryption of a conventional encryption system
  • FIG. 20 is a "Dark Pool” technology stack for implementing secured Big Data analytics solutions, in accordance with an embodiment of the present specification
  • FIG. 21 illustrates a mapping of numbers to primes, in accordance with an embodiment of the present specification
  • FIG. 22A illustrates a plurality of programmatic instructions for executing Montgomery multiplication, in accordance with an embodiment of the present specification
  • FIG. 22B illustrates a plurality of programmatic instructions to implement a binary method, in accordance with an embodiment of the present specification
  • FIG. 22C illustrates a plurality of programmatic instructions to implement signed-digit recoding method, in accordance with an embodiment of the present specification
  • FIG. 22D illustrates a plurality of programmatic instructions to implement a CMM-SDR method, in accordance with an embodiment of the present specification
  • FIG. 23A illustrates a first type of granularity with reference to parallel computing, in accordance with an embodiment of the present specification
  • FIG. 23B illustrates a second type of granularity with reference to parallel computing, in accordance with an embodiment of the present specification
  • FIG. 24 is a flow chart illustrating a plurality of steps of implementing an FUE method, process or scheme, in accordance with an embodiment of the present specification
  • FIG. 25 shows components of a Public Key Infrastructure (PKI) for a cryptography scheme, in accordance with embodiments of the present specification
  • FIG. 26A is a workflow illustrating processes associated with obtaining a digital certificate and working of a certification authority, in accordance with an embodiment of the present specification
  • FIG. 26B is a workflow illustrating processes associated with obtaining a digital certificate and working of a certification authority, in accordance with another embodiment of the present specification
  • FIG. 27 is a workflow illustrating a certificate procurement process using Lemur, in accordance with aspects of the present specification.
  • FIG. 28 is a workflow illustrating a plurality of steps for mutual authentication of first and second parties, such as a server and a client, to each other using secure socket layer, in accordance with embodiments of the present specification
  • FIG. 29 illustrates a workflow for an attribute-based encryption scheme that uses an XOR masking operation to obtain unique private keys, in accordance with an embodiment of the present specification
  • FIG. 30 is a workflow illustrating a plurality of processes associated with FUE based user access and key management using Lemur and attribute-based encryption, in accordance with embodiments of the present specification
  • FIG. 31 shows a GUI in Lemur to create a new user, in accordance with embodiments of the present specification
  • FIG. 32 shows a GUI in Lemur to create a new role, in accordance with embodiments of the present specification.
  • FIG. 33 shows a flowchart depicting an exemplary process for transforming a partially homomorphic encryption system to a FUE system, in accordance with some embodiments of the present specification.
  • the present specification is directed to an encryption system that applies a Universal Homomorphic Encryption (UHE) format or data transformation to plaintext data.
  • UHE Universal Homomorphic Encryption
  • a UHE system can use more functions and is not limited with respect to the number and/or order of multiplication and addition operations.
  • the present specification is directed to an encryption system that applies a Fully Homomorphic Encryption (FHE) format or data transformation to plaintext data.
  • FHE Fully Homomorphic Encryption
  • a FHE system is defined as a system which can encrypt plaintext data (Pi) to yield encrypted data (Ei), apply a multiplication or addition function to Pi and Ei to yield P 2 and E 2 respectively, and then decrypt E 2 to yield P 3 , where P 2 is equal to P 3 .
  • set function operations union, intersection, merge and push
  • Boolean operations AND, OR, XOR
  • a FHE system is not limited with respect to the number and/or order of multiplication and addition operations.
  • the present specification discloses several inventions, some of which are defined as ordered combinations, directed toward the Internet-centric challenge of keeping data secure and private. This is achieved, at least in part, by providing a FHE or UHE system, embodied by a plurality of programmatic instructions stored in a memory and executed on a processor, that is configured to receive a first set of plaintext data, encrypt that first set of plaintext data into ciphertext data, perform operations on that ciphertext data to output modified ciphertext data, and decrypt that modified ciphertext data to yield a second set of plaintext data, wherein the second set of plaintext data is the same plaintext data that would have been yielded had those operations been performed directly on the first set of plaintext data without first encrypting it.
  • the result of this data transformation using the specific methods and systems disclosed herein, has several tangible, concrete benefits.
  • encrypted data can now be processed without having to know the content of the plaintext data, without having to know or have access to the encryption key, or without having to first decrypt the encrypted data. It should be appreciated that this feature is achieved by each combination or embodiment disclosed herein, including where the input data is ciphertext.
  • the FHE or UHE system applies string concatenation operations on encrypted data.
  • the string concatenation operations, as applied to the FHE or UHE formatted data are mathematically equivalent to multiplication and/or addition operations applied to plaintext.
  • processing efficiency is a defining parameter of a processor in combination with the executing software and defined as the number of processing cycles per operation
  • the FHE or UHE system is designed to perform a string concatenation operation that is equivalent to addition with a processing efficiency that is no greater than 10 times the processing efficiency of the addition operation assuming the same type of processor.
  • the FHE system would require no more than 1000 cycles to perform a string concatenation operation, which is mathematically equivalent to addition, on the encrypted version of the 2 32 bit numbers.
  • the FHE or UHE system is designed to perform a string concatenation operation that is equivalent to multiplication with a processing efficiency that is no greater than 10 times the processing efficiency of the multiplication operation assuming the same type of processor. For example, if a given processor requires 500 cycles to multiply 2 32 bit numbers in plaintext, the FHE system would require no more than 5000 cycles to perform a string concatenation operation, which is mathematically equivalent to multiplication, on the encrypted version of the 2 32 bit numbers.
  • the FHE system is designed to perform a series of string concatenation operations that are equivalent to any set of polynomial operations with a processing efficiency that is no greater than 10 times the processing efficiency of the polynomial operation assuming the same type of processor. For example, if a given processor requires 1000 cycles to perform a given polynomial operation on 2 32 bit numbers in plaintext, the FHE system would require no more than 10000 cycles to perform a string concatenation operation, or set of string concatenation operations, which are mathematically equivalent to the polynomial operation, on the encrypted version of the 2 32 bit numbers. It should be appreciated that this feature is achieved by each combination or embodiment disclosed herein, including where the input data is ciphertext.
  • the string concatenation operations will require no more than processing cycles than 120% of the average of the mathematically equivalent combination of addition and multiplication operations. Therefore if the processing speed of a multiplication operation on plaintext is 500 cycles and the processing speed of an addition operation on the plaintext is 100 cycles on given processor, the processing speed of a mathematically equivalent set of string concatenation operations in the present FHE or UHE system is 360 cycles or less (or less than 120% of the average of the multiplication and addition operations, which is 300 cycles). It should be appreciated that this feature is achieved by each combination or embodiment disclosed herein, including where the input data is ciphertext.
  • the encrypted form of the plaintext data grows almost linearly with respect to the size of the plaintext data.
  • the amount of memory occupied by the encrypted form of plaintext data will not exceed 4 times nlog(n), where n is the length of plaintext in bits.
  • the amount of memory occupied by the encrypted form of plaintext data is equal to nlog(n), where n is the length of plaintext in bits. It should be appreciated that this feature is achieved by each combination or embodiment disclosed herein, including where the input data is ciphertext.
  • the presently disclosed FHE and UHE systems do not degrade the current user experience. Because the processing and memory use impact is minimal, the presently disclosed FHE and UHE systems can be readily implemented in existing commercial messaging, search, financial transaction, file and user authentication, block chain processing, filtering, network monitoring and other systems. It should be appreciated that this feature is achieved by each combination or embodiment disclosed herein, including where the input data is ciphertext.
  • the presently disclosed FHE and UHE systems do not require bootstrapping to achieve homomorphism. Stated differently, in the course of applying a plurality of operations, whether multiplication, addition, other functions, or combinations thereof, the encrypted data in the FHE and UHE systems do not degrade and, therefore, do not require intermediate steps of decrypting and re-encrypting in order to remove the degradation. It should be appreciated that this feature is achieved by each combination or embodiment disclosed herein, including where the input data is ciphertext.
  • the FHE or UHE system comprises a plurality of programmatic instructions, stored in memory and executed on a processor, which applies a parameterized family of homomorphic encryption operations on plaintext data. Each individual encryption operation is defined on a set of natural numbers and returning natural numbers.
  • the plurality of programmatic instructions of the FHE or UHE system computes the numerical position of the term in the canonical cardinal ordering of ⁇ that represents x, and through a reflection operation from jth enumeration of the canonical ordinal enumeration AL, a number named x A . From the Fundamental Theorem of Arithmetic, and a natural recursion, it follows that each Alpha term is positioned in a unique position for each enumeration or permutation, i, of ⁇ 1, 2, K ⁇ .
  • the input to the presently disclosed encryption process and system are a plurality of data elements derived from the plurality of bits of the plaintext data. In an embodiment, the inputs are defined as integers.
  • the positions associated with particular inputs and particular permutation indices define numbers for which the system can create additive and multiplicative views.
  • the multiplicative view is uniquely determined by the fundamental theorem of arithmetic and the additive view, while not unique, can be defined in a number of ways, one of simplest of which follows.
  • the system subtracts that prime from the input x, and recurs this process downward to create an additive view of x, guaranteeing no more than log(x) terms.
  • All non-Boolean natural numbers can be expressed as the sum of no more than six primes allowing certain optimization of space when compared to the simple algorithm presented.
  • the creation of the multiplicative view of a number x is a unique multiset of primes.
  • the very act of encryption causes a natural number to be factored, a known difficult problem and a feature that adds to the difficulty of breaking the encrypting code.
  • the plurality of programmatic instructions of the FHE or UHE system next expresses the natural numbers for each of the index position numbers as a set of standard terms in the first-order language ofAlphaKand translates (or reflects) these terms, using the permutation / ' , into terms in j th enumeration in AlphuL and then back into i as previously described.
  • the plurality of programmatic instructions of the FHE or UHE system encrypts each of these index positions to a term in the language of ⁇ : with the change being that the symbol that names the B and Ci monadic operations in ⁇ are changed through reflection from the At. These terms are then evaluated in ⁇ to yield the appropriate numerical outputs.
  • Cryptography systems require a specific number, say 0 or a 1, to be encrypted to a different random value for a given key ⁇ (K.i, L.j).
  • the FHE/UHE system uses Semantic
  • the FHE/UHE system supports an arbitrarily large key space with semantically indistinguishable keys.
  • the result of using these keys and the underlying arithmetic models, ⁇ , is an encryption system that is recursively enumerable complete in its complexity.
  • the FHE/UHE system operates in real-time, with efficiency gains at least 10 10 times greater speed than the prior art encryption systems.
  • the FHE/UHE system works not only as a bitwise encryptor, but also operates on different word lengths (8-bit, 16-bit, 32-bit and even 64- bit).
  • Prior art homomorphic encryption implementations create a dramatic increase in the memory requirement for key generation.
  • the FHE/UHE system ciphertext of the present specification, is typically less than two times the plaintext size, and no more than 4 times nlog(n) where n is the number of plaintext bits.
  • Key generation is the process of generating keys to enable a cryptographic process, i.e. a key is used to encrypt and decrypt whatever data or plaintext is being encrypted/decrypted.
  • Modern cryptographic systems may include symmetric-key algorithms (such as DES and AES) and public-key algorithms (such as RSA). Symmetric-key algorithms use a single shared key and keeping data secret requires keeping this key secret.
  • Public-key algorithms use a public key and a private key. The public key is made available to anyone (often by means of a digital certificate).
  • a sender encrypts data with the public key and only the holder of the private key can decrypt this data. Since public-key algorithms tend to be much slower than symmetric-key algorithms, modern systems such as TLS and SSH use a combination of the two: one party receives the other's public key and encrypts a small piece of data (either a symmetric key or some data used to generate it). The remainder of the communication uses a typically faster symmetric-key algorithm for encryption.
  • Random number generator RNG
  • PRNG pseudorandom number generator
  • a PRNG is a computer algorithm that produces data that appears random under analysis. PRNGs that use system entropy to seed data generally produce better results, since this makes the initial conditions of the PRNG much more difficult for an attacker to guess.
  • the key is created using a passphrase and a key generation algorithm, usually involving a cryptographic hash function such as SHA-1.
  • a typical method to read encrypted data is a brute force attack— simply attempting every number, up to the maximum length of the key. Therefore, it is desirable to use a sufficiently long key length as longer keys take exponentially longer to attack, rendering a brute force attack impractical.
  • the FHE/UHE system With the FHE/UHE system of the present specification, it is possible to implement any key generation scheme with arbitrary key length - such as Public Key, Private Key, Symmetric Key exchange and Private Key exchange.
  • the FHE/UHE system enables a plurality of key generation and exchanges such as, but not limited to, random binary string key generation and exchange, structured binary string key generation and exchange, hierarchical binary string key generation and exchange, simple keying similar to on-off keying, FHE/UHE selection based on nth prime successor or other prime oriented computations. Also, the FHE/UHE system based key generation and exchange processes do not interfere with the homomorphic properties of the encryptors.
  • the FHE/UHE system of the present specification enables any permutation of the order of the monadic C-operators to create an isomorph of the original model.
  • K 3
  • 6 permutations there are 3 ! or 6 permutations.
  • Each of these permutations creates a different algebra and each permutation induces a unique ordering or enumeration of the node labeled-tree storing triples of natural numbers. Therefore, each permutation translates each natural number uniquely to another natural number derived from the unique enumeration while preserving homomorphism. This allows the model dimension to be mapped homomorphically into the model of dimension 3 and generally allows -models to be mapped homomorphically into J-models and then reflected back to the -models.
  • the initial prime natural numbers can be named by their C-symbols and later through the use of the monadic B-operator combined with multiplication. Therefore, the primes larger than those named by the C-symbol operators are enumerated by applying the B-Operator to the terms of the algebra in numeric order. Since the FHE/UHE system mapping involves the use of the prime successor function, the mapping can be assumed to be pseudo random since primes are pseudo random. In accordance with an embodiment, -tuple and the J-tuple and their specific permutations represent the key space. Therefore, each key is structurally identical to every other key.
  • the generation of a key does not affect the degree or extent of homomorphism.
  • FHE/UHE key generation and use is very efficient and does not depend on the size of the key space.
  • L and K themselves can be made part of the key and that neither FHE/UHE encryption nor decryption would then requires knowledge of L or K.
  • each FHE(x, ⁇ (K.i, L.j)) or UHE(x, D (K.i, L.j)) multiplicative encryption request begins with the construction of the AlphdK expressions that represent the inputs x and y in the canonical cardinal ordering of AlphdK This allowing the FHE/UHE system to create the position numbers for the same AlphdK expressions using the i th enumeration described in the requested key. These numerical position are denoted by x A and y A .
  • the FHE/UHE system For each natural number position name, x A , the FHE/UHE system creates two finite sets of prime natural numbers, an additive set or view whose elements add together to be x and a multiplicative set or view whose elements multiple together to be x.
  • the FHE/UHE system creates, for each of these views, the AlphdL terms that describe the prime numbers in these views. It is these views that allow us to map x A and y A homomorphically back to terms in AlphdK.
  • the AlphdL terms are processed, using the permutation j to rearrange the C- symbols, and, in that way, create the A IphdK terms x' and y', read "x-prime” and y-prime' in the ordinal enumeration oiAlphdu. These terms are evaluated in AlphdK resulting FHE/UHE' s output.
  • FHE(x*y, D(K.i, L.j)) FHE(x, D(K.i, L.j)) * FHE(y, D(K.i, L.j)).
  • Ci(C2(C3(l)) Ci(C2(C3(l))
  • C 2 (Ci(C 3 (l))) C 2 (Ci(C 3 (l))
  • the FHE/UHE system multiplies 30 by 31 obtaining 930 as the number, which is then translated into Alph(i3 using the canonical cardinal enumeration.
  • each FHE(x, ⁇ (K.i, L.j)) or UHE(x, D(K.i, L.j)) addition encryption request begins with the construction of the AlphdK expressions that represent the inputs x and y in the canonical cardinal ordering of AlphaK. This allows the FHE/UHE system to create the position numbers for the same Alphax expressions using the i th enumeration described in the requested key. These numerical position are denoted by x A and y A .
  • the FHE/UHE system For each natural number position name, x A , the FHE/UHE system creates two finite sets of prime natural numbers, an additive set or view whose elements add to x and a multiplicative set or view whose elements multiply to be x. The FHE/UHE system creates for each of these views the Alph L terms that describe the prime numbers in these views. It is these views that allow us to map x A and y A homomorphically back to terms in Alphax.
  • the AlphdL terms are processed, using the permutation j to rearrange the C- symbols and, in that way, create the Alphax terms x' and y', read "x-prime” and y-prime' in the ordinal enumeration of Alphak. These terms are evaluated in Alphax resulting FHE/UHE' s output.
  • UHE(x+y, D(K.i, L.j)) UHE(x, D(K.i, L.j)) + UHE(y, D(K.i, L.j)) or
  • FHE(x+y, D(K.i, L.j)) FHE(x, D(K.i, L.j)) + FHE(y, D(K.i, L.j)).
  • Each FHE(x, D(K.i, L.j)) or UHE(x, D(K.i, L.j)) additive encryption request begins with the construction of the Alpha expression of the inputs x and y, allowing the FHE/UHE system to create the position of the Alpha expression creating position values x A and y A , using the i th enumeration ordering in the key to the request.
  • the FHE/UHE system then constructs two sets of arithmetic terms describing the prime natural numbers in the cardinal enumeration of ⁇ . These terms are then passed on and, as a result of further FHE/UHE processing, using the key permutation, to create terms x', read "x-prime" in the ordinal enumeration of the structure AL.
  • the FHE/UHE system finds the position number of these forms in the ⁇ (2 -M), (1 ⁇ ) ⁇ transformed order.
  • the natural number 30, in Alph(i3, is canonically represented in a cardinal fashion as C 2 (Ci(B(l))) and this term in the non-identical permuted enumeration is represent by the term Ci(C 2 (B(l))), which evaluates to the number 30.
  • the natural number 31, in Alph(i3, is canonically represented in a cardinal fashion as B(C 2 (C 2 (1))) and this term in the non-identical permuted enumeration is represent by the term B(Ci(Ci(l))), which is 13.
  • B(Ci(Ci(l))) The FHE/UHE system now translates the numbers 30 and 13 to their additive homomorphic translates in Alpha 3 by first constructing the additive view of both numbers.
  • Each natural number larger than 1 can be written as a sum of prime natural numbers in several different ways.
  • the FHE/UHE system uses an algorithm that identifies 2 with the set of primes, ⁇ 2 ⁇ , and 3 with the set of primes ⁇ 3 ⁇ .
  • the FHE/UHE system begins by subtracting the largest prime less than or equal half of the number n from the number and continuing downward until terminating on a final prime.
  • K 3 ⁇ B(C 2 (1), B(l), C 3 (1),C 2 (1), C 2 (l) ⁇
  • L 3 ⁇ B(C 2 (1), B(l), C 3 (l),Ci(l) ), Ci(l) ⁇
  • This property generalizes to the product of any two non-Boolean, but also by definition for the Boolean numbers, and hence for all natural numbers showing that this operation, by itself, is a homomorphic over addition.
  • FHE/UHE is an additive homomorphism
  • NA and DA can be divided through to the most basic rational factor or a decimal representation. If these numbers are completely divided through, the corresponding rational factor containing natural numbers must first be computed and then factored into NA and DA NLTS SO they can be mapped back to plaintext using the keys and then added or subtracted in the plaintext domain.
  • the semantic security presented above is a way to add random numbers to plaintext, where the processes of homomorphic addition and homomorphic multiplication do not affect the encrypted portions of these random numbers and they can be removed from plaintext once the information is decoded. It should be appreciated that the FHE/UHE can be extended to work, without boot- strapping, over the entire range integers and it is still semantically secure. It should also be clear that semantic security methods shown here also protect the keys from being exposed that result from mapping of small primes (associated with the key).
  • UA is the union (multiplication) in cipher-text that is interpreted as addition in plaintext
  • UM is the union (multiplication) in cipher-text that is interpreted as multiplication in plaintext
  • the FHE/UHE system only needs to keep either the multiplicative view (MV) or the additive view (AV) since both addition and multiplication operations in plaintext can be represented in terms of only the AV or only the MV.
  • the additive and the multiplicative unions should be appropriately marked. This can be accomplished in a plurality of ways.
  • Table Y The 4 values from Table Y become:
  • the Table Z below, exhaustively contains all possible addition combinations of inputs x and y, given that x + y is same as y + x.
  • the primary benefit of the Table Z below is the speed and processing efficiency.
  • the Table Z essentially reduces the processing required to perform the process of addition to an efficient look-up table.
  • An alternative method for computing homomorphic addition from the multiplicative homomorphs of x and y may be achieved using recursive computation on the symbolic representations of x' and y' .
  • This recursive process is relatively slow and requires categorizing if the x' and y' are prime numbers, even numbers or odd numbers that are not prime numbers. The process is, however, time and resource intensive.
  • Table Z is used to perform fast homomorphic addition and includes a fourth column that provides a 1-bit value denoting whether the plain-text x is less than plain-text y for a given cipher-text x' and cipher-text y' and for that key. Since the FHE/UHE encryption guarantees a 1-1 mapping of plain-text to cipher text for a given key, for x and y to be equal, x' and y' would have to be the same. Hence a single bit value is sufficient to provide inequality information. It should be noted that this approach can be made semantically secure by the method described in the Semantic Security section above.
  • inequality test in the UHE system of the present specification is reduced to an efficient look-up function.
  • inequality part that is the column four of the Table Z above, can be an entirely separate table in various embodiments.
  • the order information that can be gleaned from this inequality "computation" is for the user.
  • A* ⁇ N, 0, p(x+iQ, p( *x for 0 ⁇ i ⁇ K+ ⁇ , x * y>.
  • any standard Chinese Remainder Theorem query (CRT), Q, involving k different co-prime modulus values and certain conditions involving these values, can be expressed in the language of ⁇ using its monadic operations to create k different prime arithmetic progressions.
  • expresses query Q as an existential sentence whose internal quantifiers are bound in a natural way by the lead existential quantifier. This expression is preserved using any of the UHE dimensional translations showing that those translation are at least as complex as the CRT queries.
  • the FHE/UHE sample bulges are above the not quite achievable limit of 1/16.
  • the FHE/UHE sample has a larger average and a higher standard deviation than the other functions studied.
  • the sample is not a primitive of a cryptographic systems but merely one of a very large number of transformations that can be generated in the course of its operation.
  • the Alpha Core Language, ACL is an applied first-order language with equality whose non-logical symbols include a single constant symbol "c", a single binary operation symbol "+”, a single monadic operator, B, and a monadic operation symbol C, where C generically represents an entire family of Ci, C 2 , ... Ci. It should be noted that i C symbols along with a single B created an i! key space.
  • Each of the As (Ai, A 2 , ...) can be referred to as types of A and, similarly, each of the components of B can be called types of B, etc.
  • the C-Symbol is seen as a counting symbol or a node creation symbol in a node- labeled tree
  • the B-Symbol is seen as a container creation symbol or the root creation symbol in a node labeled tree.
  • an A-Symbol (representing k A symbols) can be introduced to create distinction including, but not limited to, the distinction of duality and negation, and even the single '+' binary symbol can be replaced by 1 different M symbols representing 1 different types of binary operators such as, but not limited to, multiplication, addition, subtraction and division.
  • FIG. 2 is an example table illustrating a comparison of performance and operational metrics with reference to a typical SHE (Somewhat Homomorphic Encryption) 205, FHE (Fully Homomorphic Encryption) 210 and the UHE system 215 of the present invention when run on a dual-core 2.65GHz processor with 8GB RAM.
  • the UHE system is approximately 10 times faster than a typical FHE implementation, such as FHE 210.
  • the UHE system 215 provides -2-5 (microseconds) for two simultaneous 32 bit encryption and multiplication and -2-5 (microseconds) for two simultaneous 32 bit encryption and addition.
  • the UHE encryption and decryption processes further provide the following benefits:
  • Multiplication is directly homomorphic, so the processing cost of multiplication in cipher-text is the same as the processing cost of multiplication in plaintext.
  • the cipher-text is approximately nlog(n) times the size of the plaintext (where the size of the plaintext is n), and does not exceed 4 times nlog(n). This does not include saving the plaintext random number for semantic security.
  • the FHE/UHE system of the present specification supports multiplication and addition, including homomorphic order detection as well as other set processing capabilities, such as but not limited to homomorphic union and membership without boot strapping, and the entire system is secure.
  • FHE/UHE does not cause meaningful data expansion and, as such, the cipher-text is roughly the same length as plaintext thereby requiring limited key generation memory.
  • the FHE/UHE system goes beyond additive and multiplicative morphism to, for example, morphism in more general set and tree functions, as defined above.
  • the FHE/UHE is substantially more complex than prior art encryption standards since it is based on finding the distance between arbitrary unknown primes and then performing additional operations such as multiple divisions.
  • the FHE/UHE system of the present specification supports an arbitrarily large key space with semantically indistinguishable keys.
  • the result is an encryption system that is recursively enumerable complete in its complexity.
  • the FHE/UHE system operates in real-time, with efficiency gains at least 10 12 times greater speed than the prior art full homomorphic encryption systems.
  • the FHE/UHE system works not only as a bitwise encryptor, but also operates on different word lengths (8-bit, 16-bit, 32-bit and even 64-bit).
  • the ciphertext is preferably nlog(n) times the size of the plaintext, and no greater than 4 times nlog(n).
  • the key generation requires very little memory and the keys are structurally indistinguishable from each other.
  • the length of the key increases the complexity of the security, but does not affect the processing required to affect the encryption or decryption.
  • FIG. 21 illustrates a mapping of numbers to primes, in accordance with an embodiment of the present specification.
  • the table 2100 shows a first column 2105 of natural numbers in order acting as an index, a second column 2110 of a listing of all quasi natural numbers (where a number is a quasi-prime if and only if any product of natural number that multiplies together to be the number forces one or both of the factors to be the number one, as previously defined) and a third column 2115 is a binary string in Prime Arithmetics that is used to name a prime in a corresponding position of the second column 2110.
  • a Tree Based Encryption and a UHE(n, key, perm) operation is described using subsets of the universe of prime arithmetics, a system equivalent in overall complexity to standard arithmetic but that allows a special and very useful binary numeration system for describing one and the prime natural numbers as will be seen below.
  • K is a key if and only if 0 is not an element of K, 1 and 2 are both elements of K and for any element t ofK greater than 2 the element t is a prime and there exist another prime in K that is larger than t but less than 2t. It follows that for any non-zero natural number, n, and any key, K, the number n can be written as a sum of a unique subset of K.
  • MaxK ⁇ 1, 2, 3, 5, 7, 13, 23, 43, 83, ... >
  • Max/Perm Prime Arithmetic pair - transformation rules that transform equal valued pairs of primes in the multi-set union of the multiset corresponding to the inputs 79 and 47 if and only if there are Max/Perm Prime Arithmetic pair- transformation rules that transform equal value pairs in the multi-set union of the multiset corresponding to the inputs 79' and 47' .
  • the paired transformation rules used to transform 79 and 47 into 126 are shown below:
  • Max/Perm Prime Arithmetic pair- transformation rules that transform the multi-set union of 79' and 47' into 126' are directly derived from Max Standard Arithmetic pair transformation that translate the multiset union of the set of primes that represent 79 and the set of primes that represent 47'. The translations are shown below:
  • MaxK ⁇ 1, 2, 3, 5, 7, 13, 23, 43, 83, ... >
  • table 2100 of FIG. 21 that associates with the natural number one the binary string ⁇ 10 > and associates for every positive natural number k, a binary string that names the prime natural number p(k).
  • the recursion used to create the table 2100 is described more formally below using a notation that allows the symbols "[x]p" to name a position in the table 2100 with the binary string naming p(x):
  • the FHE/UHE methodologies of the present invention are implemented as logical steps in one or more computer systems.
  • the logical operations of the present invention are implemented as a sequence of processor-implemented steps executing in one or more computer systems and/or as interconnected machine or circuit engines within one or more computer systems.
  • the implementation is a matter of choice, dependent on the performance requirements of the computer system implementing the invention.
  • FIG. 3 illustrates an example of a suitable computing system environment 300 for implementing the FHE/UHE processes of the present invention comprising a computing device in the form of a computer 310.
  • Components of the computer 310 may include, but are not limited to, a processing unit 320, a system memory 330, and a system bus 322 that couples various system components including the system memory 330 to the processing unit 320.
  • the computer 310 typically includes a variety of computer readable media that can be accessed by computer 310.
  • the system memory 330 may include computer storage media in the form of volatile and/or nonvolatile memory such as read only memory (ROM) and/or random access memory (RAM).
  • ROM read only memory
  • RAM random access memory
  • system memory 330 may also include an operating system, application programs, other program modules, and program data.
  • a user can typically enter commands and information into the computer 310 through input devices 340.
  • a monitor or other type of display device (not shown) is also connected to the system bus 322 via an interface, such as output interface 350.
  • computers can also include other peripheral output devices such as speakers and a printer, which may be connected through output interface 350.
  • server may refer to a single distinct computing device or a network of computing devices that are collectively configured to receive and to transmit data as an addressable unit.
  • memory or “memory device” may refer to a single storage device or a network of storage devices that are collectively configured to receive and to transmit data as an addressable unit.
  • the computer 310 may operate in a networked or distributed environment using logical connections to one or more other remote computers, such as remote computer 370.
  • the remote computer 370 may be a personal computer, a server, a router, a network PC, a peer device or other common network node, or any other remote media consumption or transmission device, and may include any or all of the elements described above relative to the computer 310.
  • the logical connections illustrated in FIG. 3 include a network 372, such as local area network (LAN) or a wide area network (WAN), but may also include other networks/buses.
  • LAN local area network
  • WAN wide area network
  • Such networking environments exist in homes, offices, enterprise-wide computer networks, intranets and the Internet.
  • the UHE scheme of the present invention enables application of a plurality of analyses including evaluation of polynomials of bounded degree on elements of encrypted data thereby maintaining confidentiality of sensitive data.
  • predictive analysis uses computational tools, often statistical tools including modeling, data mining, or game theory to analyze data to make predictions about future events, trends, or values.
  • predictive analysis employing statistical computations such as, but not limited to, an average, a standard deviation, and a logistical regression, may be performed.
  • the FHE/UHE semantic security described above provides the possibility of public key encryption using FHE/UHE.
  • the keying mechanism described above is private or symmetric key.
  • the D(K.i, L.j)-key used above is a secret key in the symmetric keying mechanism described.
  • the random prime additive ⁇ in the additive morph and the random prime factor ⁇ in the multiplicative morph offers the following two possibilities: • Symmetric Keying - ? is kept in plaintext and carried along with their respective cipher texts with 3 ⁇ r(K.i, L.j)-key being the evaluation key Ek
  • One method of maintaining the secrecy of a user's data in a cloud-based computational environment is to store all data in an encrypted format and to perform the computations on the encrypted data, without decrypting the data first.
  • the FHE/UHE scheme of the present specification enables storage and computation of secret data without decrypting the data.
  • the term "cloud” typically refers to any group of networked computers capable of delivering computing services (such as computations, applications, data access, and data management and storage resources) to end users. This specification does not limit the type (such as public or private) of the cloud as well as the underlying system architecture used by the cloud.
  • a server or client device would encrypt plaintext data in a computing device having a processor and memory by: 1) at step 1005, receiving, in the memory of the computing device, plaintext data, which comprises a plurality of bits, 2) at step 1010, deriving from the plaintext data a first input data element and a second input data element, where the data element is any representation of the plaintext data bits and is preferably in the form of an integer (first input integer and a second input integer), and 3) at step 1015, accessing a first table stored in the memory of the computing device, where the first table associates a plurality of integers with a plurality of first order symbolic representations.
  • the first table may be predefined prior to the encryption process or computed on the fly and provided in real-time.
  • the server or client device then identifies, at step 1020, in the first table, a first first-order symbolic representation of the first input integer and a second first-order symbolic representation of the second input integer.
  • the server or client device then obtains, at step 1025, from the first table the first first-order symbolic representation and the second first-order symbolic representation.
  • the server or client device then accesses, at step 1030, a second table stored in the memory of the computing device (predefined or computed on the fly), which associates a plurality of integers with a plurality of first-order symbolic representations, and subsequently identifies in the second table, at step 1035, a third integer associated with the first first-order symbolic representation and a fourth integer associated with the second first-order symbolic representation.
  • the server or client device then obtains, from said second table, at step 1040, the third integer and fourth integer and accesses, at step 1045, the first table to identify a third first-order symbolic representation of the third integer and a fourth first-order symbolic representation of the fourth integer.
  • the server or client device obtains from the first table, the third first-order symbolic representation and the fourth first-order symbolic representation, wherein the third first-order symbolic representation and fourth first-order symbolic representation are encrypted forms of the first input integer and second input integer, and in steps 1055 onward, repeats the deriving, accessing, identifying, and obtaining steps for each bit of said plurality of bits of plaintext data to yield an encrypted form of the plaintext data, where the encrypted form of the plaintext data does not occupy more than 4 times nlog(n) of the memory and wherein n is equal to the number of said plurality of bits.
  • a server or client device would encrypt plaintext data in a computing device having a processor and memory by: 1) receiving, in the memory of the computing device, plaintext data comprising a plurality of bits; 2) deriving from the plaintext data a first data element (e.g. input integer) and a second data element (e.g.
  • a server or client device would encrypt plaintext data in a computing device having a processor and memory by: 1) receiving, in the memory of the computing device, plaintext data comprising a plurality of bits; 2) deriving from the plaintext data a first input integer and a second input integer; 3) accessing a first table stored in the memory of the computing device, the first table associating a plurality of integers with a plurality of first-order symbolic representations, to identify a first first-order symbolic representation of the first input integer and a second first- order symbolic representation of the second input integer; 4) obtaining the first first-order symbolic representation and the second first-order symbolic representation, where the first first-order symbolic representation and said second first-order symbolic representation are encrypted forms of the first input integer and second input integer; 5) repeating the deriving, accessing, and obtaining steps for each bit of the plurality of bits of plaintext data to yield an encrypted form of the plaintext data, where the encrypted form of the plaintext data does not occupy more than 4 times nlog
  • a server or client device would process encrypted data in a computing device having a processor and memory by: 1) receiving, in the memory of the computing device, the encrypted data, where the encrypted data comprises a string of symbols, wherein each of said symbols is a node labeled tree representation of an integer; 2) applying at least one string concatenation operation on at least a portion of the encrypted data to yield modified encrypted data, where applying the string concatenation operation to a portion of the encrypted data is adapted to be mathematically equivalent to applying an addition and/or multiplication operation on a portion of the plaintext data, and where applying the string concatenation operation to the portion of the encrypted data requires no more than 10 times more processing cycles, executed by the processor, than the mathematically equivalent addition and/or multiplication operation applied on the portion of the plaintext data; 3) outputting the modified encrypted data; and 4) decrypting the modified encrypted data to yield modified plaintext data, where the modified plaintext data is equal to an output of said mathematically equivalent addition and/or multiplication operation applied to the plaintext data.
  • the server or client device may implement a variety of optional features, including 1) the first table being partially representative of a key and one of a first plurality of tables and where each entry in each of said first plurality of tables relates an integer to a symbolic representation; 2) a first-order symbolic representation of an integer in one of the first plurality of tables differing from a first-order symbolic representation of the integer in any other of the first plurality of tables, 3) the first plurality of tables defining a cardinal enumeration of dimension K where K is a positive natural number, 4) the second table being partially representative of a key and one of a second plurality of tables, where each entry in each of the second plurality of tables relates an integer to a first-order symbolic representation; 5) the first-order symbolic representation of an integer in one of the second plurality of tables differing from a first-order symbolic representation of the integer in any other of the second plurality of tables; 6) the second plurality of tables defining an ordinal enumeration of dimension L where L is a positive natural
  • FIG. 4 illustrates an embodiment of an exemplary cloud-based scenario 400 providing secure storage and computation services on data encrypted using a user's public key 408 (under a public-key or asymmetric cryptography scheme), although in an alternative implementation, symmetric-key encryption, using a shared secret/key, may be employed.
  • a plurality of data collection, generation or provider entities 405 (hereinafter referred to as 'data entities') are communicatively coupled to a cloud service system 410 via a public or private communication network 415.
  • the data entities 405 encrypt data 406 using the public key 408 before uploading the data 406 to the cloud service system 410.
  • Data 409 represent the user's data being uploaded in encrypted format to the cloud service system 410.
  • the encrypted data 409 may be streamed in real time or uploaded in batches to the cloud service system 410.
  • the uploaded encrypted data 409 is received by at least one storage device 418 associated with the cloud service system 410.
  • the at least one storage device 418 may physically or logically reside within a single location or organization, or may be distributed.
  • the cloud service system 410 performs a plurality of computations/operations on the uploaded encrypted data 409 without decrypting the data itself.
  • a plurality of application specific computation/operation functions 420 reside within the storage device 418. These functions 420 are called upon by a computing system 425 to perform a plurality of computations, calculations or analyses on the encrypted data 409 to generate a plurality of processed encrypted output 430 without breaching secrecy of the encrypted data 409.
  • the processed encrypted output 430 is then communicated to the user 435 who decrypts the output 430 using a private key 432.
  • the FHE/UHE system based public/private key pair 408, 432 are generated by a trusted third party which publishes the public key 408 and distributes the private key 432 to the registered user.
  • the aforementioned cloud service based implementation of the FHE/UHE system of the present invention may be customized for a plurality of specific applications.
  • the scenario 400 of FIG. 4 is enabled for secure storage and processing of a patient's electronic health records (EHR).
  • EHR electronic health records
  • the plurality of data entities 405 are various healthcare-monitoring devices monitoring the patient to collect and encrypt data 406 pertaining to a patient's medical record before uploading the patient's encrypted data 409 to the patient's record in the cloud service system 410.
  • the healthcare-monitoring devices comprise devices such as a blood pressure reader, heart monitor, a thermometer, a pulse oximeter, an image data store, such as an imaging database containing a patient's MIR results, or any other healthcare data source that would be readily evident to persons of ordinary skill in the art.
  • the encrypted data 409 may include blood pressure readings, heart monitor data, blood sugar readings, for example, along with information about the patient, such as age, weight, gender, and other patient parameters.
  • the functions 420 are, in this embodiment, healthcare computation/operation functions that perform a plurality of computations on the patient's encrypted medical data 409. Example computations that may be performed include without limitation averages, standard deviations, and other statistical functions, such as logistical regressions that can help predict the likelihood of certain dangerous health episodes.
  • the computing system 425 sends processed encrypted output 430 to the patient 435.
  • the output 430 may comprise various updates, alerts, predictions, or recommendations which, in an embodiment, are decrypted by various monitoring and/or dosage devices, or an alert station that provides a user interface to the alert information, or by other healthcare systems.
  • FIG. 5 is a flow chart illustrating a plurality of exemplary steps for implementing a cloud based electronic healthcare records system in accordance with an embodiment.
  • a patient's medical data is acquired.
  • the acquired medical data is then encrypted, at step 510, using FHE/UHE based on the patient' s public key and thereafter the encrypted medical data is uploaded for storing, at step 515, to a cloud service system.
  • the medical data may be acquired using a plurality of healthcare-monitoring devices and streamed in real-time or in batches directly to the cloud service system and/or may be uploaded offline by a caregiver.
  • a computing system associated with the cloud service system then uses a plurality of healthcare functions to perform computations, operations or analyses on the encrypted medical data of the patient.
  • the processed encrypted output / result is communicated back to the patient, at step 525 where the encrypted output / result is decrypted, at step 530, using the patient's private key.
  • the scenario 400 of FIG. 4 is enabled for secure storage and processing of financial, compliance (such as taxes) and/or business data for a user's consumption.
  • the plurality of data entities 405 correspond to corporate, banks, financial institutions, stock exchanges, financial analysts, brokerage firms, financial and taxation regulatory bodies/authorities.
  • these data entities 405 generate a plurality of financial and/or business data 406.
  • data 406 may comprise stock price data over a period of time, inventory, a plurality of accounts related data such as sales, costs, expenses, investments and debt.
  • data 406 may comprise a plurality of asset and liability items such as loans, interests, deposits and other cash inflows/outflows. Still further, in case of an individual, data 406 may comprise income, expenses and investments as part of personal income tax computation disclosures. It should be appreciated that these financial/business data entities 405 may generate a portion of the financial and/or business data 406 themselves and may collect, acquire or source another portion of the data 406 from third parties (such as, for example, stock price information may be sourced from a stock exchange). Alternatively, all financial and/or business data 406 may be generated by these financial/business data entities 405 themselves or fully sourced from third parties depending on the context of business operations and the sensitive nature and availability of such data 406.
  • the aforementioned plurality of financial and/or business data 406 is encrypted using the user's public key and uploaded to the at least one storage device 418 as encrypted financial and/or business data 409.
  • the functions 420 are, in this embodiment, financial computation/operation functions that perform a plurality of computations on the encrypted financial and/or business data 409.
  • the financial and/or business computation functions 420 are also encrypted using the user's public key and uploaded to the storage device 418 as encrypted functions.
  • Example computations that may be performed include without limitation financial ratio analyses, predictive models for stock price performance, inventory management decision modeling, enterprise resource planning and analyses, business operational management and performance analyses and benchmarking, asset-liability mismatch analyses, advance and forecasted tax liabilities.
  • the computing system 425 sends processed encrypted output 430 to the user 435.
  • the user 435 and a party representing the data entities 406 may be the same. However, in various alternate embodiments, the user 435 may be a different party from those representing the data entities 406.
  • the output 430 may comprise various financial and/or business related updates, alerts, predictions, or recommendations which, in an embodiment, are decrypted using the user's private key for the user's private consumption and/or financial / business publishing.
  • FIG. 6 is a flow chart illustrating a plurality of exemplary steps for implementing a cloud based financial and/or business compliance, intelligence and decision management system in accordance with an embodiment.
  • a plurality of financial and/or business data is acquired.
  • the acquired financial and/or business data is then encrypted, at step 610, using FHE/UHE based on a user's public key and thereafter the encrypted financial and/or business data is uploaded for storing, at step 615, to a cloud service system.
  • the financial and/or business data may be streamed in real-time or in batches directly to the cloud service system and/or may be uploaded offline.
  • a computing system associated with the cloud service system uses a plurality of financial and/or business functions to perform computations, operations or analyses on the encrypted financial and/or business data.
  • the processed encrypted output / result is communicated back to the user, at step 625 where the encrypted output / result is decrypted, at step 630, using the user's private key.
  • Distributed computing provides sharing of computer resources and services by communicative exchange among computing devices and systems. These resources and services include the exchange of information, cache storage and disk storage for objects, such as files. These resources and services also include the sharing of processing power across multiple processing units for load balancing, expansion of resources, specialization of processing, and the like.
  • computing systems can be connected together by wired or wireless systems, by local networks or widely distributed networks.
  • networks are coupled to the Internet, which provides an infrastructure for widely distributed computing and encompasses many different networks.
  • network topologies and network infrastructures such as client/server, peer-to-peer, or hybrid architectures, can be utilized.
  • a secure information providing/retrieval service which can be accessed through secured querying or search is described.
  • information/retrieval providing services include, without limitation, patent information retrieval systems, customer's banking account information systems, genetic arrangement information retrieval systems, archived email information retrieval systems, criminal and defense intelligence information retrieval systems, or general informational search. While accessing or querying such information providing services, for example, in the case of retrieving genetic arrangement information or patient information, it is desirable that who accessed the information under which conditions can be concealed, that is, confidentiality of the name of the user who accessed the information and the contents of retrieval/query is maintained.
  • Another example is that of accessing of a customer's banking account and related account processing resulting from the customer's e-commerce (via net banking and/or credit/debit card) or ATM transactions. It would be highly desirable if the customer's banking account information, especially account balances, payables/receivables, is stored and processed in encrypted form in response to an encrypted e-commerce/ATM transaction or query.
  • a yet another example is that of accessing/querying sensitive email archives that are stored in encrypted form and processed or searched without a need for decrypting in response to secured encrypted querying.
  • an information providing/retrieval service is enabled on a client-server topology 700, as illustrated in FIG. 7.
  • client-server topology 700 as illustrated in FIG. 7.
  • a user of such information providing/retrieval service accesses computers providing the information service via networks from various computers or terminals.
  • the computer or terminal operated by the user will be called a client computer, and the computer for providing information service will be called a server computer or DB server.
  • client computer the computer for providing information service
  • server computer or DB server To access the information providing service, the user uses dedicated software or a web browser on the client computer.
  • data management and retrieval on the server computer for providing information service are typically performed by a database management system (herein below, called a DBMS).
  • a DBMS database management system
  • a plurality of client computers 705 are connected to a third party server 710 via a network 715.
  • the third party server 710 is connected to a DB server 720 via a network 716.
  • the networks 715, 716 may be, for example, the Ethernet, a local area network (LAN) connected via an optical fiber or FDDI, or a wide area network (WAN) including the Internet.
  • a data management and retrieval system 725 which operates for information providing service, in communication with a database 730, on the DB server 720 may take the form of a general database management system (DBMS) such as, for example, Oracle 8 of Oracle Corporation, or DB2 of IBM Corporation.
  • DBMS general database management system
  • the networks 715, 716 are independent of each other in this example, they may be a single network. Although two client computers 705 are connected to the third party server 710, the number of client computers is arbitrary. The number of third party servers connected to the networks 715, 716 is also arbitrary. In an embodiment, in consideration of a case where the client computers 705 cannot have enough/requisite processing capability due to limitation of storage capacity, calculation capability, or battery capability like in a small portable terminal, PDA, smart phone, an ATM machine/dispenser - the third party server 710 is disposed between the client computers 705 and the DB server 720.
  • the third party server 710 is a trusted third party that issues UHE based public/private keys for encrypting information stored in the database 730 and ensures that all accesses/queries by client computers 705 as well as retrieval results from the DB server 720 are encrypted.
  • a part or all of the functions of the third party server 710 may be provided for by the client computers 705.
  • FIG. 8 is a flowchart illustrating a plurality of exemplary steps of a method of securely accessing, querying and processing a customer's bank account with reference to an e-commerce transaction.
  • one of the client computers 705 represents a customer who is buying a product at a price from an online retail store, for example.
  • the customer may input, at step 805, a plurality of financial data 735 such as his debit card number and other authentication information, such as a transaction password, on the online retailer's website with reference to the product price amount.
  • the financial data 735 is received, at step 810, by the third party server 710 via network 715.
  • the third party server 710 uses the customer' s public key based on the FHE/UHE method of the present invention to encrypt the financial data 735 and communicate encrypted financial data 740 to the DB server 720 via network 716.
  • the encrypted financial data 740 is in the form of a database query including at least one comparative condition and a computation condition.
  • an example of a computation condition may comprise a debit or subtraction operation causing the encrypted product price amount to be subtracted / debited from the encrypted balance of the customer in the database 730.
  • the DBMS 725 accesses the customer's encrypted accounts stored in the database 730, authenticates the customer's credentials vis-a-vis encrypted financial data 740 and processes the customer's account balance to reflect a debit in response to the purchased product price without the need to decrypt the encrypted financial data 740 or the encrypted bank account information of the customer stored on the database 730.
  • the customer's updated (as a result of the debit by an amount equal to the purchased product price) encrypted account balance 745 is communicated back to the third party server 710 that decrypts the encrypted account balance 745, at step 825, using the customer's private key before displaying the decrypted account balance 750 to the customer on the client computer 705.
  • the customer's financial data 735 is encrypted by the third party server 710
  • a part of the financial data 735 may already reside in encrypted form on the debit card.
  • the debit card number, customer ID, bank, branch and PIN may already be stored in encrypted format on the customer's debit card using the customer's private key.
  • FIG. 9 is a flowchart illustrating a plurality of exemplary steps of a method of securely accessing and querying a gene arrangement information retrieval database.
  • one of the client computers 705 represent a user who is querying gene arrangement information stored within the database 730. It should be appreciated that the gene arrangement information may be stored in encrypted from in the database 730, in accordance with an embodiment.
  • the user issues a query 735 including a 'search condition' that delineates a gene arrangement structure and related information to be accessed.
  • the query 735 may be constructed using a custom gene information retrieval web interface, in accordance with an embodiment, through one of the client computers 705.
  • the query is received by the third party server 710 via network 715.
  • the third party server 710 uses the user' s public key based on the UHE method of the present invention to encrypt the 'search condition' 735 and communicates encrypted query 740 to the DB server 720 via network 716.
  • the DBMS 725 compares the encrypted 'search condition' of the encrypted query 740 with encrypted gene arrangement information stored within database 730 and retrieves encrypted target gene information 745 corresponding to the requested encrypted 'search condition'. Thus, searching and comparison of gene arrangement information is conducted without the need to decrypt the encrypted gene information within the database 730 or the encrypted query 740.
  • the encrypted target gene information 745 is communicated back to the third party server 710 that decrypts the encrypted target gene information 745, at step 925, using the user's private key before displaying the decrypted target gene information 750 to the user on the client computer 705.
  • the FHE/UHE method of the present specification in a yet another non-limiting application, enables search engine queries where the search engine responds to a query without knowledge of the query, i.e., a search engine can provide an encrypted answer to an encrypted (Boolean) query without knowing what the query was. It also enables searching on encrypted data; one can store encrypted data on a remote server and later have the server retrieve only files that (when decrypted) satisfy some Boolean constraint, even though the server cannot decrypt the files on its own.
  • a user is provided with an encryption module on his or her client device which is adapted to perform the requisite encryption of the search and send the encrypted search request to a server.
  • the server performs a series of FHE/UHE functions on it, including multiplication and addition in the form of string concatenation operations, to generate a FHE/UHE output that is sent back to the encryption module on the client device, which, in turn, decrypts the FHE/UHE output and displays the result via a browser.
  • the disclosed homomorphic encryption system is used to secure credit card or other financial data.
  • a credit card is first manufactured with the credit card data stored locally in the credit card in a homomorphic encryption format.
  • a credit card, having a memory strip and/or locally positioned electronic circuit, is manufactured in step 1105.
  • a computing device comprising a processor executing a plurality of programmatic instructions stored in memory, accesses, in step 1110, the corresponding programmed credit card data, including the user's name, credit card number, expiration date, CCV code, and other codes and/or biometric data, from a memory.
  • the computing device subjects, in step 1115, the credit card data to the encryption process described above and, as a result thereof, outputs, in step 1120, credit card data in a FHE or UHE format.
  • the amount of memory occupied by the credit card data in the FHE or UHE format does not exceed 4 times nlog(n), where n is the length of plaintext credit card data in bits.
  • the amount of memory occupied by the credit card data in the FHE or UHE format does not exceed nlog(n), where n is the length of plaintext credit card data in bits.
  • the credit card with credit card data in the FHE or UHE format is used at a point of sale (PoS) terminal.
  • the PoS terminal has stored in a local memory a plurality of programmatic instructions adapted to access, in step 1205, the FHE or UHE formatted data on the card and apply to the FHE or UHE formatted data at least one string concatenation operation, as described above.
  • the at least one string concatenation operation is the mathematical equivalent to applying a multiplication and/or addition operation to the plaintext credit card data.
  • the PoS After applying, in step 1210, at least one string concatenation operation to the FHE or UHE formatted data and generating, in step 1215, modified FHE or UHE formatted data, the PoS then sends a request, in step 1220, which is derived from or a function of the modified FHE or UHE formatted data, to a remote server, typically owned, controlled, or otherwise managed by a credit card company, for validation and/or authentication.
  • the transmission of a request derived from or a function of the modified FHE or UHE formatted data would require bandwidth or a memory allocation that is no greater than 4 time nlog(n), wherein n is the number of bits of the plaintext data.
  • the remote servers receive the POS request, in step 1225, which is the output resulting from the application of the at least one string concatenation functions to the FHE or UHE formatted data (modified FHE or UHE formatted data).
  • the remote servers have stored in a local memory a plurality of programmatic instructions adapted to access, in step 1230, the request (which is in a FHE or UHE format) and apply to the request, in step 1235, at least one string concatenation operation.
  • the at least one string concatenation operation is the mathematical equivalent to applying a multiplication and/or addition operation to the plaintext version of the data.
  • the servers generate a second output, still in a FHE or UHE format, which is then transmitted back to the PoS terminal in step 1240.
  • the PoS terminal receives and subsequently processes the second output by applying, in step 1245, at least one string concatenation function and, if the final output meets a predefined validation, authentication, or other requirement, the transaction is completed.
  • the transaction is completed but at no time were the plaintext credit card data exposed.
  • the FHE and UHE encryption system can be used to protect an enterprise, a device or an application using homomorphic filtering. This filter would inspect traffic going in and the traffic going out and encrypt all unprotected, yet sensitive, information.
  • the disclosed FHE or UHE system is implemented in a server or network node to inspect data flowing in and out of a network, determine if any of that data requires a greater level of security, and, if so, apply a FHE or UHE encryption format to only the sensitive data portions, or reject the message and require the sending to first apply a FHE or UHE encryption format and resend.
  • a client device, server or network node has stored, in step 1305, in a memory a plurality of programmatic instructions adapted to inspect data, contained in a message, to determine, in step 1310, if the data contains any information that is sensitive or requires additional security. If the client device, server or network node determines the data being transmitted contains any information that is sensitive or requires additional security, the client device, server or network node applies, in step 1315, the encryption process described above and, as a result thereof, outputs, in step 1320, the flagged data in a FHE or UHE format.
  • the client device, server or network node comprises a processor executing a plurality of programmatic instructions stored in memory for applying the FHE or UHE encryption process described herein.
  • the FHE and UHE encryption system can be used to protect distributed public ledgers.
  • Distributed public ledgers such as the blockchain, are becoming increasingly important. However, these ledgers are unprotected while they are being used. These ledgers can contain sensitive information such as financial records, contractual terms, payment records and much more.
  • the FHE/UHE encryption system can ensure complete security of such information in a public platform like the blockchain.
  • Blockchain today uses public/private keying for security. With homomorphic encryption, the whole blockchain can always be encrypted and still be accessible to be used by people with appropriate credentials. Also, the power usage of the blockchain can be dramatically reduced because the FHE/UHE information with appropriate permissions and credentials can be used instead of expensive hashing.
  • homomorphic encryption In another embodiment, one of the most interesting applications of homomorphic encryption is its use in protection of mobile agents. Since all conventional computer architectures are based on binary strings and only require multiplication and addition, such homomorphic cryptosystems would offer the possibility to encrypt a whole program so that it is still executable. Hence, it could be used to protect mobile agents against malicious hosts by encrypting them.
  • the protection of mobile agents by homomorphic encryption can be used in two ways: (i) computing with encrypted functions and (ii) computing with encrypted data. Computation with encrypted functions is a special case of protection of mobile agents. In such scenarios, a secret function is publicly evaluated in such a way that the function remains secret. Using homomorphic cryptosystems the encrypted function can be evaluated which guarantees its privacy. Homomorphic schemes also work on encrypted data to compute publicly while maintaining the privacy of the secret data. This can be done encrypting the data in advance and then exploiting the homomorphic property to compute with encrypted data.
  • in-network data aggregation in WSNs is a technique that combines partial results at the intermediate nodes en route to the base station (i.e., the node issuing the query), thereby reducing the communication overhead and optimizing the bandwidth utilization in the wireless links.
  • this technique raises privacy and security issues if the sensor nodes which need to share their data with the aggregator node.
  • the aggregation has to be carried out in a privacy-preserving way, so that the sensitive data are not revealed to the aggregator.
  • Prior art schemes for additive data aggregation functions are not generic and cannot be applied for multiplicative aggregation function.
  • Homomorphic encryption schemes can be applied to protect privacy of input data while computing an arbitrary aggregation function in a wireless sensor network.
  • messaging applications on mobile client devices can implement the disclosed encryption processes to encrypt plaintext data and transmit it to a third party. While such encrypted messaging exists, the disadvantage is that intermediate servers who receive or route the traffic are unable to inspect the messages for viruses, advertising related information, spam, or other content.
  • the disclosed FHE or UHE system is implemented in a client device to encrypt a message. The encrypted message is sent from the client device through a network to a destination client device. As the encrypted message passes through the network, intermediate servers apply string concatenation operations on the encrypted messages to and examine the output to determine if the encrypted message has viruses or other undesirable content. The output is further examined to extract relevant data in order to potentially assess the type, scope, and extent of content being delivered over a network, thereby enabling improved reporting and tailored advertising.
  • the present FHE/UHE system can be used to functionally embed digital watermarking and fingerprinting data elements into digital data.
  • the homomorphic property is used to add a mark to previously encrypted data.
  • watermarks are used to identify the owner/seller of digital goods to ensure the copyright.
  • fingerprinting schemes the person who buys the data should be identifiable by the merchant to ensure that data is not illegally redistributed.
  • a file and user authentication mechanism can also be built along similar lines by embedding a unique homomorphically encrypted digital signature into digital data.
  • the signature can be retinal scans, fingerprints, voice sample or any such unique marks.
  • the file is then authenticated using the sample of the signature from the user before allowing access to it.
  • a group of users can keep their files cryptographically scrambled using a secret key which is only accessible to such users and in such a case it is highly possible that no hacker will have the code-breaking resources necessary to crack them, but, as soon as any of these users would want to actually do something with those files such as editing a word document or querying a database of financial data, he or she will have to unlock the data and leave it vulnerable. That is a very serious problem with data storage and sharing services today.
  • the present specification discloses a shared data storage system in which any of the authorized users of that storage system can store raw data in an encrypted format and the other users can access such raw data to run computations on the same without having any access to the original raw data.
  • a user can encrypt the raw data through a private key which is not shared with any other user and stores the resulting encrypted data on the shared database system disclosed in this specification. Any other user who has the right to access that database can access the encrypted raw data to run computations on the same and see the output results by decrypting the same using a public key. However, no other user apart from the owner/creator of data can see the original raw data.
  • the present specification discloses a shared storage, sharing and multiple party processing service wherein the entire data is always private.
  • the system disclosed in the present specification is similar to a Dropbox or a Google drive however with additional security features such that the users can store their data in an encrypted format and yet allow other users to access the data to run computations on such data.
  • a group of people can provide access to their salary through a shared database system, and can together compute the average wage of the group. Each participant learns his relative position in the group, but learns nothing about other members' salaries.
  • the data is encrypted through a FHE/UHE encryption method disclosed in this specification before storing the same in the shared data storage system.
  • the FHE/UHE scheme of the present specification enables storage and computation of private data without decrypting the data.
  • the system uses the UHE encryption method disclosed in this specification to encrypt sensitive data during uploading of data such that the secret key used to encrypt the data is retained by the user and is not shared with any other user.
  • the UHE encryption system is fully homomorphic and the cost of processing encrypted data in a UHE system is similar to the cost of processing unencrypted, plaintext data, it can be used to efficiently store and process sensitive information without ever having to expose it. Further, as the UHE encryption system is completely scalable, applications requiring heavy processing can also be easily serviced.
  • a shared storage, sharing and multiple party processing service wherein a certain amount of storage along with private sharing and multi-party private processing of data is allowed for free, but usage beyond that is charged based on a formula.
  • the usage is charged based on a formula that takes both amount of data and amount and type of processing required into account.
  • FIG. 14 describes a shared data storage system in accordance with an embodiment of the present specification.
  • a server device 1405 is in communication with multiple client devices 1401.
  • the client device 1401 is a typical computing device such as a personal computer, tablet or a mobile device that has the data processing and data communication capabilities.
  • the server device 1405 acts as the shared database and comprises one or more memory devices 1406 and one or more processing units 1407 which physically or logically reside within a single location or organization, or may be distributed.
  • the various client devices are connected to an Ethernet or local area network.
  • the various client devices are located at remote locations and communicate with the server 1405 through a public network such as Internet.
  • the various client devices 1401 are configured to store data on the memory 1406 present in the server 1405.
  • the server 1405 is configured such that all the shared data stored on the memory 1406 is in an encrypted format.
  • the data is encrypted by the client device 1401 using a private key 1403 before uploading the same to the shared database present on the server 1405.
  • the data 1402 represent the user's data being uploaded in encrypted format to the server 1405.
  • the encrypted data 1402 may be streamed in real time or uploaded in batches to the server or shared database 1405.
  • any of the client devices 1401 can access such data to perform a plurality of computations/operations on the uploaded encrypted data without decrypting the data itself.
  • the output of such computations is then decrypted by the corresponding client device 1401 through a public key to access the results of such computations.
  • the server 1405 is configured such that the data encryption and decryption is performed at the server 1405 such that the client devices 1401 transmit plaintext unencrypted data to the server 1405.
  • the server 1405, through the help of processor 1407 encrypts this plain text data before storing the same on the memory 1406.
  • the server 1405 performs such computation on the encrypted data stored on the memory device 1406 to generate the output data in an encrypted format.
  • the server 1405 then decrypts the encrypted output data to produce the output data in a plaintext format which is then transferred to the corresponding client device 1401.
  • FIG. 15 shows a flowchart depicting the process followed in the shared database system wherein the data encryption and data decryption are performed on the server.
  • the plain text data is received by the server device.
  • the plaintext data is received from a client device and in an alternate embodiment, the plaintext data is not received from a client device but is directly stored in the server.
  • the plaintext data is encrypted and is subsequently stored in a memory device.
  • the plaintext data is encrypted through a UHE encryption format disclosed in various embodiments of the present specification.
  • the shared database system receives a request from a client device to perform certain computations or operations on the data stored in the system.
  • the system performs the required computations or operations on the encrypted data and generates the output data which is also in an encrypted format.
  • the system decrypts the encrypted output data to generate plaintext output data and in step 1506, the system transfers the final plaintext output data to the corresponding client device which requested for performing the computations on the data.
  • FIG. 16 shows a flowchart depicting the process followed in the shared database system wherein the data encryption and data decryption are not performed on the server.
  • the encrypted data is received by the server device.
  • the encrypted data is stored in a memory device.
  • the encrypted data is received from a client device which encrypts the data before transferring it to the server device and in an alternate embodiment, the encrypted data is not received from a client device but is directly stored in the server.
  • the plaintext data is encrypted through a UHE encryption format disclosed in various embodiments of the present specification.
  • the shared database system receives a request from a client device to perform certain computations or operations on the data stored in the system.
  • the system performs the required computations or operations on the encrypted data and generates the output data which is also in an encrypted format.
  • the system transfers the encrypted output data to the corresponding client device which requested for performing the computations on the data.
  • the corresponding client device then decrypts the output data to see the results of the computations.
  • the shared data storage system of the present specification is referenced as "Dark Pool" as the original raw data stored in this data storage system is always in an encrypted format and cannot be accessed by any user except the original owner/creator of that data.
  • the shared data storage system of the present specification is used to provide a data marketplace in which confidential data can be stored in an encrypted format such that subscribers to that data marketplace can run computations on that data without accessing the original raw data.
  • a data marketplace comprising genomic information related to various patients is created and various subscribers such as a pharmaceutical company looking for patients for clinical trials are allowed to scan this genomic database for candidates.
  • the information related to all the patients is stored in an encrypted format such as the universal homomorphic encryption format disclosed in the present specification.
  • the subscriber pharmaceutical company in this case
  • the subscriber is provided information about the corresponding patient.
  • the subscriber is not provided access to the raw genomic data of all the patients.
  • the above confidential data marketplace structure eliminates tremendous amount of friction among various stakeholders and has the potential to lower the cost of customer acquisition for subscribers.
  • the shared encrypted data storage system of the present specification can be used by businesses to create a secure backend comprising confidential data.
  • companies are required to store various types of confidential data such as the customer data on their remote and local machines to provide personalized services, match individual preferences, target advertisements and offers.
  • providing access of such confidential data to all the employees or other stakeholders accessing such remote and local machines makes the data highly vulnerable and a lot of times such confidential data is compromised.
  • the shared data storage system of the present specification alleviates this problem by storing the data in an encrypted format and only providing restricted access to users wherein the users can run computations on such data or can query the database for specific information but they cannot access the backend database.
  • the shared data storage system or the "Dark Pool" disclosed in the present specification can be used by companies to protect their data and trade secrets from corporate espionage or stealing by rogue employees.
  • the companies can create internal compartmentalization wherein the data is stored in an encrypted format in shared databases. The employees are still allowed to use and analyze data for the benefit of the organization but they are not allowed to access the original raw data. Such a system could enhance the productivity of the organization as more number of people can be provided access to such a secure database.
  • the shared data storage system or the "Dark Pool" disclosed in the present specification can be used to enable blind e-voting by voters. Voting on any subject such as political election or a company board meeting can be conducted without exposing anything besides the final outcome.
  • the data related to individual votes is stored in an encrypted format such as the universal homomorphic encryption format disclosed in the present specification in a shared database and the agency which is coordinating the voting is allowed to only run computations on that data to calculate the final outcome without having any access to the original individual votes. Not only is the privacy of each voter is maintained, even the actual vote count can remain private.
  • the shared data storage system or the "Dark Pool” disclosed in the present specification can be used to authenticate and securely store identities of people in a fully anonymous way which can be used for various applications.
  • a user shares her personal information for authentication which is stored in a "Dark Pool” in an encrypted format and when the user logs in, an authenticating private contact is executed to validate the user and link her real identity with her public pseudo identity.
  • the shared data storage system or the "Dark Pool” disclosed in the present specification is used to securely store the data collected by various IOT (Internet of Things) devices such that the original raw data is stored in an encrypted format such as the universal homomorphic encryption format disclosed in the present specification.
  • IOT Internet of Things
  • Various devices or applications using inputs from such IOT devices can access specific data elements or run computations on such data through such a shared database but cannot access the complete original raw data.
  • the shared data storage system or the "Dark Pool" disclosed in the present specification can be used for multi factor authentication of people.
  • Confidential authentication data such as voice samples and fingerprints is stored in an encrypted format on a shared database which cannot be accessed by anyone. Only the user can access his personal data or authorized third parties are allowed access to scan this database by providing them the additional decryption keys.
  • the shared data storage system or the "Dark Pool” disclosed in the present specification can be used to provide distributed personal data stores wherein data is stored in an encrypted format such that it can be shared with third parties while maintaining complete control and ownership. Specific policies are created for each data store so that the subscribers can run specific allowed computations on the data stored in such data store without having any access to the original raw data.
  • the shared data storage system or the "Dark Pool” disclosed in the present specification can be used to build and support a secure, scalable Big Data processing and analytics system.
  • Big Data refers to massive volumes of data, of the order of terabytes to petabyte scale, distributed over a myriad of storages. The data is generated, stored, and owned by a large number of disparate entities such as individuals, and institutions / organizations - private and public. These entities are unwilling to share data as there is an element of sensitivity and/or privacy attached to most of the data. As a result, sharing of data as well as access to data is limited and therefore actionable insights or analytics, resulting from processing such limited data, often lack comprehensiveness.
  • the original raw data from these disparate entities is stored in the shared data storage system or Dark Pool of the present specification in encrypted format that cannot be accessed by any user except the original owner of that data.
  • the data may include structured proprietary data, isolated encrypted private data and semi-structured or unstructured plain text public data.
  • the present specification discloses a Dark Pool technology stack and framework that enables building and implementation of secured and scalable Big Data analytics applications using distributed computing, networking and storage resources that may be available locally or rented from a cloud infrastructure.
  • the Dark Pool technology stack enables keeping individual databases and data warehouses completely isolated from one another while different datasets, from these databases and data warehouses, are simultaneously analyzed.
  • Big Data analytics built on Dark Pool technology stack, architecture or framework enables blind data processing that allows for complete data security.
  • the present specification discloses a framework, architecture or technology stack for supporting data management solutions that surpass traditional data warehousing systems to implement Big Data analytics for applications such as, but not limited to, risk modeling (for example, running stochastic algorithms and implementing collocation methods for numerical solution of ordinary differential equations, partial differential equations and integral equations), fraud prevention and detection (for example, analyzing current and historical customer transaction data from a multitude of sources to detect fraud patterns or opportunities during a lifetime cycle of a customer, and implementing methods related to recognition of patterns and regularities in data), and predictive analytics (for example, analyzing time series data to extract meaningful statistics and predict future values based on previously observed values, performing pattern matching, and performing analysis based on methods such as Discrete Fourier Transform, Singular Value Decomposition, Discrete Wavelet Transform).
  • risk modeling for example, running stochastic algorithms and implementing collocation methods for numerical solution of ordinary differential equations, partial differential equations and integral equations
  • fraud prevention and detection for example, analyzing current and historical customer transaction data from a multitude of sources to
  • FIG. 20 is a block diagram illustration of a technology stack, architecture or framework for building and implementing Big Data processing and analytics applications based on shared data storage system or "Dark Pool", in accordance with an embodiment of the present specification.
  • the stack 2000 comprises a first layer 2005 which is an Operating System (OS) layer to manage various underlying computing hardware and software resources.
  • the OS layer 2005 may be implemented using any multi-tasking, multi-user distributed system software known in the art such as Microsoft Windows, macOS by Apple or Linux. In a preferred embodiment, the OS layer 2005 implements the Linux operating system.
  • OS Operating System
  • the second layer 2010 provides operating system-level virtualization using a software container architecture or platform such as the Docker system or Linux Containers, for example.
  • a container is a lightweight, stand-alone, executable package of a piece of software that includes everything needed to run it: code, runtime, system tools, system libraries, settings such that containerized software will always run the same, regardless of the environment.
  • containers are an abstraction that packages code and dependencies together. Thus, multiple containers can run on the same machine and share the OS kernel (of the first layer 2005) with other containers, each running as isolated processes.
  • the second layer 2010 also implements Flannel based virtual overlay network for use with Docker containers.
  • Flannel implements a virtual network that attaches IP addresses to containers for container-to-container communication.
  • the third layer 2015 supports a plurality of containerized micro-services such as Hadoop 2016, Data Manager 2017, Tree (Data Structure) Processor 2018, Query Processor 2019, UHE Processor 2020 and User Manager 2021.
  • the fourth layer 2030 illustrates a functional view of a plurality of containers related to the plurality of micro-services of the third layer 2015.
  • the Hadoop 2016 is a MapReduce framework used for distributed storage and processing of very large datasets (of the "Dark Pool") on computer clusters built from commodity hardware. Hadoop utilizes a distributed, scalable, portable file system, called Hadoop Distributed File System (HDFS), to distribute massive amounts of data among data nodes in a Hadoop cluster.
  • HDFS Hadoop Distributed File System
  • the third layer 2015 also supports (in addition to Hadoop) cluster-computing frameworks such as the Apache Spark which is an in-memory engine for processing large scale datasets (such as the "Dark Pool”).
  • the Data Manager micro-service 2017 is related to organization, administration and governance of large volumes of structured as well as semi-structured and unstructured data such as machine logs, text documents and media frames.
  • a first container 2032 encapsulates diverse data types and sources
  • a second container 2034 encapsulates data blocks
  • a third container 2036 encapsulates query analysis and MRETL API.
  • the first, second and third containers 2032, 2034, 2036 are associated with the Hadoop 2016 and Data Manager 2017 micro-services.
  • the Tree and Query Processor micro-services 2018, 2019 are associated with fourth, fifth and sixth containers 2038, 2040, 2042.
  • the fourth container 2038 encapsulates services and applications such as pattern matching over trees, query and search over trees and predictive analytics.
  • the fifth container 2040 packages tree structure processing and internal tree mapping services while the sixth container 2042 packages meta data processing and extraction tools.
  • the UHE Processor 2020 provides encryption services based on Universal Homomorphic
  • the User Manager micro-service 2021 enables seventh and eight containers 2044, 2046.
  • the seventh container 2044 packages services related to user access management as well as managing rules and policies to access "Dark Pool" data.
  • the eighth container 2046 encapsulates services related to data format processing and those related to handling structured and unstructured data formats.
  • the fifth layer 2050 supports user interfaces and micro-service communications using API such as the RESTful (Representational state transfer) API.
  • the fifth layer 2050 also supports processing and querying structured or semi-structured data based on the Java Script Object Notification (JSON) data model.
  • JSON Java Script Object Notification
  • data is represented as an array of objects.
  • the query language for JSON is compiled to a series of MapReduce tasks that may be executed over a Hadoop cloud, for example.
  • the sixth layer 2055 is the topmost layer that supports a plurality of user interface (UI) components such as Data Scoop 2057, ETL Mapper 2059, Data Analyzer 2061, Meta Data Mapper 2063, Administration and Access Control 2065 and Query Response 2067.
  • UI user interface
  • the Data Scoop component 2057 provides a command-line interface application for transferring bulk data between Hadoop and structured data stores such as relational databases.
  • the ETL Mapper 2059 performs extract, transform, and load (ETL) functions.
  • the Data Analyzer component 2061 handles processing and analyses on "Dark Pool" data while the Meta Data Mapper 2063 is a metadata mapping utility.
  • the shared data storage system or the "Dark Pool” disclosed in the present specification can be used to provide a decentralized private key generation system for a virtual Bitcoin wallet.
  • multiple dark pool nodes or databases locally create a segment of the key, whereas the full key is only ever assembled by the user leaving no trail of the evidence.
  • the shared data storage system disclosed in the present specification is used to provide a decentralized transaction signing system for a bitcoin wallet.
  • the transactions can be signed without ever exposing the private key which is stored in an encrypted format on the "Dark Pool”.
  • the system is used to provide a decentralized control system for a bitcoin wallet such that information related to various control elements such as spending limits, required signatures is stored in an encrypted format inaccessible to the hackers.
  • a blockchain is a distributed database that maintains a continuously-growing list of data records hardened against tampering and revision. It consists of data structure blocks which hold exclusively data in initial blockchain implementations, and both data and programs in some of the more recent implementations with each block holding batches of individual transactions and the results of any blockchain executables.
  • Bitcoin and other blockchains (e.g., Ethereum) promise a new future.
  • Internet applications can now be built with a decentralized architecture, where no single party has absolute power and control.
  • the public nature of the blockchain guarantees transparency over how applications work and leaves an irrefutable record of activities, providing strong incentives for honest behavior. Bitcoin, the currency was the first such application, initiating a new paradigm to the web.
  • blockchain is a public ledger.
  • the present specification describes a novel private blockchain system wherein encryption methods such as the UHE encryption format disclosed in the present specification is used to homomorphically encrypt sensitive data within the blockchain. Since UHE is fully homomorphic and the cost of processing encrypted data in UHE is similar to the cost of processing unencrypted, plaintext data, it can be used to efficiently process sensitive information without ever having to expose it. And since UHE is completely scalable, applications requiring heavy processing are not a problem. In an embodiment, one can charge for the ability to process UHE encrypted blockchain data, based on a formula that takes both amount of data and amount and type of processing required. V. TRANSFORMING PARTIALLY HOMOMORPHIC CONVENTIONAL
  • Partially homomorphic encryption systems may be transformed into fully homomorphic encryption systems that are scalable, rapid in translation speed, difficult to invert or break, capable of enabling various types of public and/or private key generation protocols and semantically secure.
  • Input plaintext data are transformed into modified plaintext data using a prime number operation and the modified plaintext data is then encrypted using any number of conventional encryption schemes. Desired computations on the encrypted data are transformed into homomorphic operations, based on the nature of the encryption format, and the homomorphic operations are applied to yield manipulated encrypted data.
  • the manipulated encrypted data may be decrypted and the decrypted plaintext data may be modified into final, output plaintext data using a similar prime number operation as applied during encryption.
  • the final, output plaintext is equivalent to plaintext data that would have been generated by just applying the desired computations to the input plaintext data.
  • the claimed systems and methods receive plaintext data into a computer, which can be a single device or a set of networked computing devices comprising at least one processor and a memory.
  • the input plaintext data is first modified into modified plaintext data.
  • the processor performs the modification by obtaining integer representations of the plaintext data and, for each integer, generating a set of prime numbers.
  • the set of prime numbers is generated by first identifying the largest prime number that is 1) on a stored list of predefined prime numbers and 2) less than the integer representation.
  • the list of predefined prime numbers may be of any length but is preferably in a range of 128 numbers.
  • the identified prime number is then subtracted from the integer to yield a remainder.
  • a second prime number is identified which is the largest prime number that is 1) on a stored list of predefined prime numbers and 2) less than the remainder.
  • This process is completed until a final number, one, is identified in which case the number one is mapped to a prime number that has not been previously used.
  • the resulting process yields a set of prime numbers which are then multiplied together to yield a modified integer representative of the plaintext data, also referred to as modified plaintext data.
  • an additional unused prime number not included within the plurality of prime numbers may be identified for future use.
  • a conventional encryption system such as RSA, Goldwasser-Micali, El-Gamal, Benaloh, Paillier, any encryption format which is not homomorphic for both multiplication and addition operations or any encryption format which is not homomorphic for all of division, subtraction, multiplication and addition operations, can then be applied to the modified plaintext data to yield encryption data.
  • the encryption data may then be homomorphically manipulated across addition, multiplication, subtraction and division operations, even though the conventional encryption methods are not fully homomorphic.
  • a desired computation is first transformed into a homomorphic operation, based on the type of encryption format applied, by redefining an addition operation (requested computation) as at least one multiplication operation (homomorphic operation), redefining a multiplication operation (requested computation) as at least one exponentiation operation (homomorphic operation), redefining a subtraction operation (requested computation) as at least one division operation (homomorphic operation), redefining a division operation (requested computation) as at least one root operation (homomorphic operation).
  • the transformed encrypted data may then be decrypted using a conventional decryption process corresponding to, or associated with, the applied encryption process.
  • the decrypted data are then modified into the final output plaintext data by applying a mirror prime number process as applied to the data before encryption.
  • the processor performs the modification by obtaining integer representations of the decrypted data and, for each integer, generating a set of prime numbers.
  • the set of prime numbers is generated by first identifying the largest prime number that is 1) on a stored list of predefined prime numbers and 2) less than the integer representation.
  • the list used in the decryption process is the same list of prime numbers used in the encryption process and preferably stored with the private key of the user. The integer is then divided by the identified prime number to yield a remainder.
  • a second prime number is identified which is the largest prime number that is 1) on a stored list of predefined prime numbers and 2) less than the remainder.
  • This process is completed until a final number, e.g. one, is identified in which case the number one is mapped to the same prime number as previously used.
  • the resulting process yields a set of prime numbers which are then added together to yield an integer representative of the final output plaintext data, also referred to as final, output plaintext data.
  • the additional unused prime number not included within the plurality of prime numbers is used to decrypt second encrypted data, where the second encrypted data has been subject to an exponentiation operation.
  • FIG. 33 shows a flowchart depicting an exemplary process for transforming a partially homomorphic encryption system to a FHE system, in accordance with some embodiments of the present specification.
  • a first plaintext data is received into a computer, which can be a single device or a set of networked computing devices comprising at least one processor and a memory.
  • the first plaintext data is modified to yield a second plaintext data.
  • the computer performs the modification by obtaining integer representations of the plaintext data and, for each integer, generating a set of prime numbers.
  • a set of prime numbers is generated by first identifying the largest prime number that is 1) on a stored list of predefined prime numbers and 2) less than the integer representation.
  • the list of pre-defined prime numbers may be of any length but is preferably in a range of 128 numbers.
  • the identified prime number is then subtracted from the integer to yield a remainder.
  • the process is then repeated with the remainder, namely a second prime number is identified which is the largest prime number that is 1) on a stored list of predefined prime numbers and 2) less than the remainder. This process is completed until a final number, one, is identified in which case the number one is mapped to a prime number that has not been previously used.
  • the resulting process yields a set of prime numbers which are then multiplied together to yield a modified integer representative of the plaintext data, also referred to as modified plaintext data..
  • the second plaintext data is encrypted in a first encryption format to generate a first encrypted data.
  • a conventional encryption system such as RSA, Goldwasser-Micali, El- Gamal, Benaloh, and Paillier, can then be applied to the modified plaintext data to yield encryption data.
  • a request is received to perform a computation such as a multiplication operation, a subtraction operation, a division operation and an addition operation, even though the conventional encryption methods are not fully homomorphic.
  • the computation is transformed into a homomorphic operation based on the first encryption format, by algorithmically redefining an addition operation as at least one multiplication operation, algorithmically redefining a multiplication operation as at least one exponentiation operation, algorithmically redefining a subtraction operation as at least one division operation, and algorithmically redefining a division operation as at least one root operation.
  • the homomorphic operation is applied to the first encrypted data to generate a second encrypted data.
  • the second encrypted data is decrypted using a first decryption format corresponding to the first encryption format to yield a third plaintext data.
  • the third plaintext data is modified to generate a fourth plaintext data.
  • the computer performs the modification by obtaining integer representations of the decrypted data and, for each integer, generating a set of prime numbers.
  • the set of prime numbers is generated by first identifying the largest prime number that is 1) on a stored list of predefined prime numbers and 2) less than the integer representation.
  • the list used in the decryption process is the same list of prime numbers used in the encryption process and preferably stored with the private key of the user.
  • the integer is then divided by the identified prime number to yield a remainder.
  • the process is then repeated with the remainder, namely a second prime number is identified which is the largest prime number that is 1) on a stored list of predefined prime numbers and 2) less than the remainder. This process is completed until a final number, e.g.
  • final, output plaintext data an integer representative of the final output plaintext data
  • the UHE system functions as a layer operating between two ends of a conventional encryption system (such as, but not limited to, Paillier, RSA, El-Gamal).
  • a conventional encryption system such as, but not limited to, Paillier, RSA, El-Gamal.
  • the first encrypted data Ei may have been obtained by applying any conventional encryption method, known to persons of ordinary skill in the art, on corresponding plaintext.
  • the UHE system decrypts manipulated ciphertext data to yield back original data in the form of first encrypted data Ei
  • the first encrypted data El can be further decrypted back to obtain the corresponding plaintext using the conventional decryption method associated with the conventional encryption method that was used to generate the first encrypted data Ei.
  • a UHE system can use more functions and is not limited with respect to the number and/or order of multiplication and addition operations.
  • data expansion (associated with the UHE system) is approximately
  • n is the binary length of ciphertext.
  • the homomorphically encrypted data preferably does not occupy more than 4 times nlog(n) of the memory and wherein n is equal to the number of said plurality of bits.
  • the present specification is directed to an encryption system that applies a Fully Homomorphic Encryption (FHE) format or data transformation to original data that, in various embodiments, may be plaintext data or encrypted data.
  • FHE Fully Homomorphic Encryption
  • a FHE system is defined as a system which can either encrypt plaintext data P (original data) to yield encrypted data E or encrypt a first encrypted data Ei (original data) to yield a second encrypted data E 2 , apply a multiplication or addition function to E or E 2 to yield manipulated ciphertext data, and then decrypt manipulated ciphertext data to yield back the original data, that is P or Ei, respectively.
  • the FHE system functions as a layer operating between two ends of a conventional encryption system (such as, but not limited to, Pallier, RSA, El-Gamal).
  • a conventional encryption system such as, but not limited to, Pallier, RSA, El-Gamal.
  • the first encrypted data Ei may have been obtained by applying any conventional encryption method, known to persons of ordinary skill in the art, on corresponding plaintext.
  • the FHE system decrypts manipulated ciphertext data to yield back original data in the form of first encrypted data Ei
  • the first encrypted data El can be further decrypted back to obtain the corresponding plaintext using the conventional decryption method associated with the conventional encryption method that was used to generate the first encrypted data Ei.
  • set function operations union, intersection, merge and push
  • Boolean operations AND, OR, XOR
  • a FHE system is not limited with respect to the number and/or order of multiplication and addition operations.
  • FIG. 17 is a block diagram illustrating a homomorphic processing system operating on ciphertext data, in accordance with an embodiment of the present specification.
  • the encryption system 1705 is any proprietary or conventional encryption system known to persons of ordinary skill in the art such as, but not limited to, Pallier, RSA, El-Gamal.
  • the encryption system 1705 uses an associated encryption key 1715 to encrypt the plaintext messages x and y to generate corresponding first ciphertexts x' and y' .
  • the first ciphertexts x' and y' are input to a homomorphic processing system 1710 of the present specification.
  • the homomorphic processing system 1710 encrypts the first ciphertexts x' and y' to generate corresponding second encrypted texts x" and y" and applies a plurality of different functions to the second encrypted texts x" and y" to yield manipulated ciphertext data.
  • the first ciphertexts x' and y' are encrypted through a UHE encryption format disclosed in various embodiments of the present specification.
  • the plurality of functions comprise computations or operations such as, but not limited to, multiplication, addition, division, subtraction, membership, union, all finite automata, 'part-of query.
  • the homomorphic processing system 1710 thereafter, decrypts the manipulated ciphertext data to yield back data or alpha bitstream 1720 in an encryption format corresponding to the first ciphertexts x' and y' .
  • the homomorphic processing system operates as a layer over any conventional encryption system and performs a plurality of computations or operations on input encrypted data without the need to first decrypt the input encrypted data.
  • FIG. 18 is a block diagram illustrating a homomorphic processing system 1810 operating as a layer between two ends, that is, an encryption module 1806 and a decryption module 1807, of an encryption system 1805.
  • x be an arbitrary plaintext message that is input to a pre-processor 1801 that generates a binary stream 1802 corresponding to the plaintext x.
  • the binary stream 1802 is input to the encryption module 1806 of the encryption system 1805.
  • the encryption system 1805 is any proprietary or conventional encryption system known to persons of ordinary skill in the art such as, but not limited to, RSA, Goldwasser-Micali, El-Gamal, Benaloh, and Paillier standards.
  • the encryption module 1806 generates first ciphertext x' corresponding to the plaintext x.
  • the first ciphertext x' is now input to the homomorphic processing system 1810 of the present specification.
  • the homomorphic processing system 1810 encrypts the first ciphertext x' to generate corresponding homomorphically encrypted text and applies a plurality of different functions to the homomorphically encrypted text to yield manipulated ciphertext data.
  • the first ciphertext x' is homomorphically encrypted through a UHE encryption format disclosed in various embodiments of the present specification.
  • the plurality of functions comprise computations or operations such as, but not limited to, multiplication, addition, division, subtraction, membership, union, all finite automata, 'part-of query.
  • the homomorphic processing system 1810 now decrypts the manipulated ciphertext data to yield back second ciphertext data y' in an encryption format corresponding to the first ciphertext x' .
  • the second ciphertext data y' is, thereafter, decrypted by the decryption module 1807 to generate a binary stream 1803 which is processed by a post-processor 1808 to generate plaintext message y.
  • the system implements a pairing function on integers that allows arithmetic structures to be viewed and manipulated as combinatorics.
  • an integer-to-Cantor-like pairing transformation system is employed.
  • FIG. 19 is a flowchart of a method of homomorphic encryption and processing implemented as a layer between two ends, that is, encryption and decryption, of a conventional encryption system.
  • plaintext data is received by a conventional encryption system.
  • the conventional encryption system uses an associated encryption key to encrypt the plaintext data, at step 1910, to generate first ciphertext data.
  • the conventional encryption system is any proprietary or prior art encryption system known to persons of ordinary skill in the art such as, but not limited to, Paillier, RSA, El-Gamal.
  • the first ciphertext data is encrypted using a homomorphic processing system to generate homomorphically encrypted data.
  • the first ciphertext data is encrypted through a UHE encryption format disclosed in various embodiments of the present specification.
  • a request is received, at step 1920, to perform a plurality of computations or operations on the homomorphically encrypted data.
  • the required computations or operations are performed to generate manipulated ciphertext data.
  • decrypt the manipulated ciphertext data at step 1930, using the homomorphic processing system to generate second ciphertext data which is in the same encryption format as the first ciphertext data.
  • the second ciphertext data is decrypted, using the decryption key associated with the conventional encryption system, to generate plaintext data.
  • a conventional third-party cryptosystem is converted into a fully homomorphic encryption (FUE) scheme.
  • FUE fully homomorphic encryption
  • the conventional third-party cryptosystem chosen for conversion to FUE are somewhat homomorphic encryption (SHE) schemes that are typically well known and already thoroughly researched.
  • SHE schemes support either addition operation or multiplication operation on encrypted data.
  • Non-limiting examples of SHE schemes are RSA cryptosystem and Pailiar cryptosystem. Accordingly, to convert a SHE scheme into FHE, the present specification defines customized addition/multiplication operations in such a way that SHE becomes FHE.
  • This approach has advantages such as: there is no need to explicitly perform a security analysis of an underlying SHE scheme; there exists a massive amount of worldwide installed code base as well as a fact that encryption systems globally are designed to already support this conventional third-party cryptosystem; and that the implementation details of the SHE scheme on different hardware platforms with timing benchmarks are known.
  • the present specification describes the FHE scheme using a well-known SHE scheme - which is the RSA cryptosystem.
  • the customized addition/multiplication operations are defined in such a way that RSA cryptosystem becomes FHE cryptosystem.
  • this approach is completely general and can be applied to convert any conventional third-party SHE cryptosystem that is either additively homomorphic or multiplicatively homomorphic to FHE.
  • the encryption, decryption and the actual cipher text of the FHE cryptosystem is the same as the conventional third-party cryptosystem.
  • any system that supports the conventional third-party cryptosystem can now be treated as fully homomorphic.
  • the FHE cryptosystem is enabled to be highly efficient by replacing modular exponentiation operations with Montgomery Multiplication arithmetic.
  • RSA Raster-Shamir-Adleman
  • a user of the RSA cryptosystem creates and then publishes a public key based on two large prime numbers, along with an auxiliary value.
  • the prime numbers are kept secret.
  • the RSA is a relatively slow algorithm, and because of this, it is less commonly used to directly encrypt user data. More often, the RSA passes encrypted shared keys for symmetric key cryptography which in turn can perform bulk encryption-decryption operations at much higher speed.
  • the RSA method of cryptography involves four steps: key generation, key distribution, encryption and decryption: RSA Key Generation - involves the following steps:
  • Bob wants to send a secret message to Alice. If they decide to use RSA, Bob must know Alice's public key to encrypt the message and, Alice must use her private key to decrypt the message. To enable Bob to send his encrypted messages, Alice transmits her public key (n, e) to Bob via a reliable, but not necessarily secret route. Alice's private key (d), is never distributed.
  • Alice can recover m from c by using her private key exponent d by computing c d ⁇ (m e ) d (mod ) ⁇ m. Given m, she can recover the original message M by reversing the padding scheme.
  • m c 2753 mod 3233.
  • Montgomery Multiplication is implemented to avoid the expensive division by replacing it with cheaper shift operations.
  • Binary method may also be used to reduce the number of modular multiplication needed to compute a modular exponentiation.
  • the GM cryptosystem is based on the hardness of quadratic residuosity problem.
  • Number a is called quadratic residue modulo n if there exists an integer x such that x 2 ⁇ a mod n .
  • Quadratic residuosity problem decides whether a given number q is quadratic modulo n or not.
  • GM cryptosystem is described as follows:
  • Taher Elgamal proposed a new public key encryption scheme which is an improved version of the original Diffie-Hellman Key algorithm that is based on the hardness of certain problems in discrete logarithm. It is mostly used in hybrid encryption systems to encrypt the secret key of a symmetric encryption system.
  • the Elgamal cryptosystem is defined as follows:
  • each entity creates a public key and a conespoadmg private key.
  • a 's public key is (p, a, a )
  • a 's private ke is a.
  • Benaloh proposed an extension of the GM Cryptosystem by improving it to encrypt the message as a block instead of bit by bit. Benaloh's proposal was based on the higher residuosity problem.
  • Higher residuosity problem (x n ) is the generalization of quadratic residuosity problems (x 2 ) that is used for the GM cryptosystem.
  • Paillier introduced another probabilistic encryption scheme based on composite residuosity problem.
  • Composite residuosity problem is very similar to quadratic and higher residuosity problems that are used in GM and Benaloh cryptosystems. It questions whether there exists an integer x such that x n ⁇ a (mod n 2 ) for a given integer a.
  • each modular multiplication operation (associated with modular exponentiation) requires computationally expensive division operation.
  • the computationally expensive division operation is replaced with Montgomery multiplication that uses addition and bit shifting with a base to the power of two, which is optimized for majority hardware architectures.
  • FIG. 22A illustrates a plurality of programmatic instructions 2205 for computing or executing Montgomery multiplication, in accordance with an embodiment of the present specification.
  • Montgomery multiplication requires a) conversion from radix form to Montgomery form at the beginning of computation, and b) another conversion back to radix form at the end of the computation. These two conversions are computationally expensive, but it is still beneficial to use Montgomery multiplication for modular exponentiation because most of the computations can be done in Montgomery form.
  • the modular reduction in step 2210 can be replaced by bitwise shifting, which is computationally very fast in most of the computer hardware.
  • FIG. 22B illustrates a plurality of programmatic instructions 2215 to implement a binary method for reducing the number of modular multiplication operations needed to compute a modular exponentiation, in accordance with an embodiment of the present specification.
  • the instructions 2215 begin by scanning the exponent bits from right to left; if the bit is ' ⁇ ', only squaring is performed; if the bit is T, an additional Montgomery multiplication is performed.
  • the speed performance is determined by the number of T bit in the exponent, as additional multiplication is required for every ' 1 ' bit.
  • 22C illustrates a plurality of programmatic instructions 2220 to implement signed-digit recoding method for reducing the number of ⁇ ' bit in an exponent, in accordance with an embodiment of the present specification.
  • the output of this recoding method 120 always has extra one digit than the binary representation.
  • decimal 31 is represented as [1, 1, 1, 1, 1] (5 digits) in binary, but represented as [1, 0, 0, 0, 0, -1] after signed digit recoding (6 digits).
  • the number of zeroes is increased compared to the binary representation, but the number of ones is reduced.
  • FIG. 22D illustrates a plurality of programmatic instructions 2225 to implement a CMM-
  • SDR method as an improvement to the signed-digit recoding method of FIG. 22C, in accordance with an embodiment of the present specification.
  • the scanned bit is T or '- , then it is a multiply and square, if ⁇ ', then it is only a squaring.
  • the performance of RS A based cryptographic algorithms is improved by enhancing modular exponentiation operations using the methods of FIGS. 22 A trough 22D.
  • the performance of RSA cryptography is improved by utilizing parallel computing architecture such as that of a GPU (Graphics Processing Unit).
  • GPU Graphics Processing Unit
  • GPU Graphics Processing Unit
  • GPU is massively parallel processors capable of computing thousands of threads in parallel. GPU has been used in various applications to accelerate cryptographic algorithms.
  • FIGS. 23A and 23B respectively illustrate first and second forms 2305, 2310 of granularity with reference to parallel computing, in accordance with embodiments of the present specification.
  • the first form of granularity 2305 depicts fine-grained parallelism while the second form of granularity depicts coarse-grained parallelism.
  • the CMM-SDR Montgomery multiplication is implemented based on coarse- grained parallelism 2310, where by each thread is assigned to compute one modular exponentiation. Since each thread is independent of each other, there is no intense communication between threads, so shared memory does not provide significant benefits to their implementation.
  • the computations within one thread are more intensive compared to fine-grained implementation 2305 of the CMM-SDR Montgomery multiplication. Thus, these computations do not limit the number of registers used per thread and let the compiler allocate as much as it could.
  • the values of R, C, D and 5 are pre-computed values and then these pre-computed values are copied, together with AT (required to compute Montgomery multiplication), where M' is modified M as defined above, M and E SD to global memory in GPU. It should be appreciated that all the values are represented in multi-limbs (32- bit each) and stored in the form of arrays, except AT which is stored in register.
  • 32000 threads are launched to perform 32000 modular exponentiations, wherein the threads are organized as 125 blocks per grid, and 256 threads per block. Each thread has to load the values of R, , ESD, C, D and S into local memory and AT into register. During the computations, C, D and S are used to store the intermediate values.
  • the results of Montgomery exponentiation are stored in global memory and copied to the host memory after the computations are completed.
  • Table 1 illustrates computational speed (in nano seconds) observed in the context of GPU (for example, NVIDIA Quadro PI 00) implementation of Montgomery modular arithmetic
  • Table 2 illustrates computational speed (in nano seconds) observed in the context of Field-Programmable Gate Array (Xilinx Virtex-7 XC7V2000T FPGA) implementation of Montgomery modular arithmetic.
  • FHE Fully Homomorphic Encryption
  • an SHE scheme such as, but not limited to, RSA cryptosystem is converted to FHE scheme of the present specification.
  • fully homomorphic encryption is a form of encryption that allows computations to be carried out on cipher text, thus generating an encrypted result which, when decrypted, matches the result of operations performed on the plaintext.
  • the fundamental theorem of arithmetic also called the unique factorization theorem or the unique-prime-factorization theorem, states that every integer greater than 1 either is prime itself or is the product of prime numbers, and that this product is unique, up to the order of the factors.
  • the theorem is stating two things: first, that 1200 can be represented as a product of primes, and second, no matter how this is done, there will always be four 2s, one 3, two 5s, and no other primes in the product.
  • n 65.
  • One can write the number 65 as 65 61 + 3 + 1.
  • FIG. 24 is a flow chart illustrating a plurality of steps of implementing an FHE method, process or scheme, in accordance with an embodiment of the present specification.
  • cipher data is obtained by applying a conventional third-party encryption format to plain text.
  • the conventional third-party encryption format is the RSA cryptosystem.
  • conventional encryption formats include schemes such as, Goldwasser-Micali, El-Gamal, Benaloh, and Paillier.
  • multiplicative homomorphism of the conventional third party encryption format such as RSA, is recast as additive.
  • multiplication/division of cipher text is performed instead of addition/sub traction of cipher texts for addition/sub traction in plaintext and exponentiation/exponentiation with inverse operations in ciphertext are performed to do multiplication and division in the plaintext as follows:
  • the FHE cryptosystem of the present specification is based on conventional third-party encryption formats with customized arithmetic operations.
  • the main operation in FHE scheme is modular exponentiation.
  • the FHE scheme uses Montgomery modular arithmetic.
  • the modular exponentiation operations are replaced with Montgomery Multiplication arithmetic (to improve computational efficiency of the FHE scheme) as described with reference to FIGS 22A through 22D.
  • the FHE methodologies of the present specification are implemented as logical steps in one or more computer systems.
  • the logical operations of the present specification are implemented as a sequence of processor-implemented steps executing in one or more computer systems and/or as interconnected machine or circuit engines within one or more computer systems.
  • the implementation is a matter of choice, dependent on the performance requirements of the computer system implementing the invention.
  • the present specification is directed to an encryption system that applies a Fully Homomorphic Encryption (FHE) format or data transformation to original data that, in various embodiments, is encrypted data.
  • FHE Fully Homomorphic Encryption
  • a FHE system as disclosed herein, is defined as a system which can encrypt a first encrypted data Ei (original data) to yield a second encrypted data E 2 , apply a multiplication or addition function to E 2 to yield manipulated ciphertext data, and then decrypt manipulated ciphertext data to yield back the original data, that is Ei.
  • the FHE system functions as a layer operating between two ends of a conventional encryption system (such as, but not limited to, RSA, Goldwasser-Micali, El-Gamal, Benaloh, Paillier).
  • a conventional encryption system such as, but not limited to, RSA, Goldwasser-Micali, El-Gamal, Benaloh, Paillier.
  • the first encrypted data Ei may have been obtained by applying any conventional encryption method, known to persons of ordinary skill in the art, on corresponding plaintext.
  • the FHE system decrypts manipulated ciphertext data to yield back original data in the form of first encrypted data Ei
  • the first encrypted data Ei can be further decrypted back to obtain the corresponding plaintext using the conventional decryption method associated with the conventional encryption method that was used to generate the first encrypted data Ei.
  • the cloud-based scenario 400 provides secure storage and computation services on data encrypted using the public key 408.
  • the public key 408 and the private key 432 pair is associated with a conventional third-party encryption format such as, but not limited to, RSA.
  • the cloud service system 410 encrypts the third-party encrypted data 409 to generate homomorphically encrypted data and performs a plurality of computations/operations on the homomorphically encrypted data without decrypting the third- party encrypted data 409 itself.
  • the processed data is decrypted using the FHE scheme to obtain encrypted output 430 which is then communicated to the user 435 who decrypts the output 430 using his private key 432.
  • the conventional encryption system may be implemented on a client device while the homomorphic encryption system may be implemented on a server device.
  • the client and server devices may be in wired or wireless data communication using a private or public network such as, but not limited to, the Internet.
  • the first ciphertext data may be pre-stored in a Cloud-based database.
  • the first ciphertext data may be processed using the homomorphic encryption system (implemented on a server device separate from the Cloud-based database service) and the finally output second ciphertext data is stored back to the Cloud-based database.
  • a client device may access the second ciphertext data, thereafter, to decrypt and obtain plaintext data using the conventional encryption system implemented on the client device.
  • the conventional encryption system may be implemented by the Cloud-based service to output the final plaintext data for client consumption.
  • both the conventional encryption system and the homomorphic encryption system are implemented by the Cloud-based database service.
  • PKI Public Key Infrastructure
  • FIG. 25 shows components of a Public Key Infrastructure (PKI) for a cryptography scheme, in accordance with embodiments of the present specification.
  • the PKI 2500 implements a set of roles, policies, and procedures to create, manage, distribute, use, store, and revoke digital certificates and manage public-key encryption using a public/private asymmetric key pair based on a cryptography scheme that, in some embodiments, may be a conventional third-party such as, but not limited to RSA, Goldwasser-Micali, El-Gamal, Benaloh, and Paillier while in some embodiments may be the FHE crypto scheme of the present specification.
  • cryptographic functions and workflows implementing the PKI 2500 processes are built using the OpenXPKI software so that the PKI 2500 is compatible with open standards.
  • the PKI 2500 comprises a first entity 2505, also referred to as a certification authority (CA), which is an organization that functions as a trusted third party or a root of trust responsible for validating an identity of a data sender, subject or client 2510 that may be a person, organization, software package or a device such as a computer, for example.
  • the sender 2510 is a cloud client consisting of computer hardware and/or software that relies on cloud computing for application delivery, or that is specifically designed for delivery of cloud services.
  • the first entity 2505 generates and issues a digital certificate containing a public key of the sender 2505.
  • the digital certificate is then digitally signed with the first entity's 2505 private key.
  • the digital certificate certifies the ownership of the public key of the sender 2510.
  • a format of the digital certificate conforms to the X.509 specification that defines a standard for managing public keys through a PKI. This allows a recipient 2515 to rely upon signatures or on assertions made about a private key that corresponds to the certified public key of the sender 2510.
  • the recipient 2515 may be a person, organization, software package or a device such as a computer, for example.
  • the recipient 2515 is a cloud server that is built, hosted and delivered through a cloud computing platform over the Internet.
  • a second entity 2525 also referred to as a registration authority (RA), responsible for accepting requests, from the sender 2510, for digital certificates and verifying the sender 2510 making the request. Once the verification process is complete the second entity 2525 transmits the request to the first entity 2505 that generates the digital certificate, including the appropriate information (including the sender's public key), signs the digital certificate with the first entity's private key and sends the certificate to the sender 2510.
  • the private key of the first entity 2505 is stored at a secure location, such as a Hardware Security Module (HSM) 2540.
  • HSM Hardware Security Module
  • certificate repository 2530 is compatible with the Lightweight Directory Access Protocol (LDAP) making access to and searching of repository compatible with open standards.
  • LDAP Lightweight Directory Access Protocol
  • the sender 2510 uses the digital certificate, issued by the first entity 2505, to sign and encrypt plaintext data using the sender's private key before uploading or communicating the encrypted data 2520 to the recipient 2515.
  • the recipient 2515 of encrypted data 2520 verifies and validates the sender's certificate before decrypting the data 2520 using the sender's public key that, in embodiments, is accessed from the certificate repository 2530.
  • the recipient 2515 verifies and validates the sender's certificate using a public key of the first entity 2505. Successful validation assures that the public key given in the certificate belongs to the sender 2510 whose details are given in the certificate.
  • the first entity 2505 performs functions such as, but not limited to, generating key pairs independently or jointly with the sender 2510, issuing digital certificates, publishing certificates, verifying certificates, and revocation of certificates. Accordingly, the first entity 2505 publishes a list of certificates that have been revoked, based on criteria for certificate revocation. These lists are known as certificate revocation lists (CRLs).
  • CRLs certificate revocation lists
  • the CRLs are made publicly available by storing them in the certificate repository 2530 so that the recipient 2515 can verify whether the certificate that was used to sign the encrypted data 2520 is valid.
  • the recipient 2515 upon receiving the signed and encrypted data 2520 also verifies that the certificate of the sender 2510 has not been revoked. This ensures integrity of the signatures.
  • the recipient 2515 uses the Online Certificate Status Protocol (OCSP) for obtaining the revocation status of the certificate of the sender 2510.
  • OCSP Online Certificate Status Protocol
  • FIGS. 26 A and 26B are workflows illustrating a plurality of processes associated with obtaining a digital certificate and working of a certification authority, in accordance with embodiments of the present specification.
  • the sender 2510 generates public/private key pair based on third-party encryption scheme such as RSA, Goldwasser-Micali, El-Gamal, Benaloh, Paillier or based on the FHE scheme of the present specification.
  • the sender's private key is stored in a secure place.
  • the secure place is a vault 2550 available through a cloud computing platform over the Internet.
  • HashiCorp's vault is a tool that secures, stores, and tightly controls access to private keys and certificates and handles leasing, key revocation, key rolling, and auditing by presenting a unified API to access multiple back-ends such as, but not limited to, HSMs (Hardware Security Modules) and AWS IAM (Identity and Access Management), for example.
  • HSMs Hardware Security Modules
  • AWS IAM Identity and Access Management
  • the secure place is a cloud based HSM 2552.
  • An HSM is a crypto processor that protects the crypto key lifecycle by securely managing, processing, and storing cryptographic keys inside a hardened, tamper-resistant device.
  • the sender 2510 generates a certificate signing request (CSR) 2555 for submission to the certification authority 905.
  • CSR certificate signing request
  • the CSR 2555 contains the sender's identity, public key and the FHE algorithm.
  • the public key included in the CSR 2555 comes from the public/private key pair, which was generated at step 2605.
  • the CSR 2555 is submitted to the certification authority 2505 for signing.
  • the digital certificate is digitally signed with a private key of the certification authority 2505.
  • the certification authority 2505 sends the CSR 2555 to the cloud based HSM 2552 where the certification authority's private key is securely stored.
  • the HSM 2552 coveys a signed CSR (by the certification authority' s private key) back to the certification authority 2505 at step 2630.
  • the certification authority 2505 issues a digital certificate 2557 (conforming to the X.509 standard, for example) that is communicated to the sender 2510.
  • Lemur is an open source framework for management of certificates as well as user access to certificates and acts as a broker between a certification authority and the user.
  • Lemur provides a centralized tool from which to manage and monitor all aspects of the certificate lifecycle.
  • FIG. 27 is a workflow illustrating a certificate procurement process using Lemur, in accordance with aspects of the present specification.
  • a user 2703 may submit a request to Lemur 2707 for access to a secured cloud based service 2712 such as, but not limited to, a service to implement a financial transaction using the FHE scheme of the present specification or a shared data storage system such as "Dark Pool” which, in some embodiments, is available as a Cloud based service.
  • a secured cloud based service 2712 such as, but not limited to, a service to implement a financial transaction using the FHE scheme of the present specification or a shared data storage system such as "Dark Pool" which, in some embodiments, is available as a Cloud based service.
  • CSR certificate signing request
  • the CSR is a cryptographically signed request that has information such as state/province, location, organization name and other details about the user requesting the certificate and what the certificate is to be used for.
  • Lemur 2707 generates the user's public/private key pair and securely stores them. The generated public key of the user 2703 is contained in the CSR.
  • Lemur 2707 generates and sends a notification to a security manager 2722 with respect to the generated CSR.
  • the security manager 2722 reviews that the CSR request is valid and error-free.
  • the CA 2717 issues a digital certificate binding the key pair to the user 2703.
  • the digital certificate is communicated to Lemur 2707 that stores the digital certificate associated with the user 2703.
  • Lemur 2707 uses the user's digital certificate to enable the user authenticated access to the cloud based service 2712.
  • Lemur 2707 Some of the functions performed by Lemur 2707 comprise: creation of new users, creation of certificates for new users, import of existing user certificates, creation of new roles, assignment of roles to respective users, and access to cloud services based on user defined role.
  • Secure Socket Layer is a secure handshake protocol that supports digital certificates at the transport layer. It enables first and second parties to establish a secure session for communication between them, by providing mutual confidentiality and data integrity.
  • FIG. 28 is a workflow illustrating a plurality of steps for mutual authentication of first and second parties, such as a server and a client, to each other using secure socket layer, in accordance with embodiments of the present specification.
  • the SSL is built upon a third-party encryption scheme such as, but not limited to, RSA or is built upon the FHE based asymmetric crypto scheme (of the present specification) where a public key is freely distributed to encrypt a plaintext message, which can only be decrypted by a corresponding private key.
  • the SSL employs a third party organization, such as a certification authority (CA), to identify one or both ends of a communication or transaction.
  • CA certification authority
  • a first party 2802 sends a request to connect to a second party 2812 and asks for secure data such as a web page or a document, for example.
  • the first party 2802 is a client browser while the second party 2812 is a web server.
  • the second party 2812 sends its public key along with its signing digital certificate back to the first party 2802.
  • the first party 2802 verifies whether the digital certificate is valid and was issued by a CA 2817.
  • the first party 2802 compares the information in the certificate with the information received from the CA 2817 and verifies the details.
  • the first party 2802 Upon successful verification of the digital certificate, at step 2820, the first party 2802 generates a random symmetric encryption key and then encrypts it using the public key of the second party 2812. Thereafter, the first party
  • the 2802 sends the encrypted symmetric key to the second party 2812, along with an encrypted URL and other encrypted HTTP data - such as session data (the URL and HTTP data being encrypted using the symmetric key).
  • the first party 2802 also sends its digital certificate to the second party
  • the second party 2812 verifies validity and authenticity of the first party's certificate with the CA 2817.
  • the second party Upon successful verification of the first party's certificate, at step 2830, the second party
  • step 2812 decrypts the incoming packet using its private key and uses the symmetric key to decrypt the URL and HTTP data that was generated randomly at the first party 2802. Thereafter, at step 2835, a packet including the data requested by the first party 2802 is encrypted with the symmetric key and sent back to the first party 2802 by the second party 2812. Finally, at step 2840, the first party
  • the public key is (e, N) and private key is (d, N) - such that, the key pair is always unique for each user.
  • user data can be encrypted by the user even before it is sent to a cloud, for example, and the user can begin FHE processing on the data without knowing the public or private keys associated with the encryption of data.
  • the only information that is required in such embodiments would be the modulus N.
  • a need may exist to privately compute on various different users' data where each user has a separate private key.
  • each public key is matched with just one unique private key. More specifically, in the RSA algorithm, the public key is (e, n) and private key is (d, n). The key pair is always unique for each user. It means that for each public key there always exist a unique private key and for every private key there exist a unique public key.
  • Theorem 1 The public key in RSA algorithm is always unique.
  • any two public RSA exponents that share a private exponent must differ by some multiple of ⁇ ( ⁇ ) which means that public key e in RSA algorithm is always unique.
  • Theorem 2 The private key in RSA algorithm is always unique.
  • Theorem 3 The inverse of any element of the group G is always unique.
  • Attribute-based encryption is a type of public-key encryption in which the secret/private key of a user and the cipher text are dependent upon attributes such as, but not limited to, a country in which the user lives, a kind of subscription the user has and/or any other mathematical operation evident to persons of ordinary skill in the art.
  • decryption of the cipher text is possible only if the set of attributes of the secret/private key match the attributes associated with the cipher text.
  • a crucial security aspect of attribute-based encryption is collusion-resistance that is an adversary that holds multiple keys should only be able to access data if at least one individual key grants access.
  • the attribute-based encryption scheme uses a masking operation with a private key.
  • This masking operation could be any operation like XOR operation, AND operation, or any other operation known to persons of ordinary skill in the art.
  • FIG. 29 illustrates a workflow for an attribute-based encryption scheme that uses an XOR masking operation to obtain unique private keys, in accordance with an embodiment of the present specification.
  • the attribute-based encryption scheme 2900 generates a unique RSA key pair where the private key 2925 is d. Assume that there are n users 2905 and each user has a unique user ID 2910i through 291 On corresponding to personal attributes of each user.
  • FIG. 30 is a workflow illustrating a plurality of processes associated with FHE based user access and key management using Lemur and attribute-based encryption, in accordance with embodiments of the present specification.
  • the open source Lemur solution is used for user creation and user access management to a shared data storage system 3022 such as "Dark Pool" which, in some embodiments, is available as a Cloud based service.
  • a new user 3002 is created with personalized user data to generate a corresponding unique user ID.
  • the user with the associated unique ID is added to a user database hosted in Lemur 3012.
  • the user's public key certification with the unique user ID is requested from a certification authority via Lemur.
  • the received public key certificate of the user is stored in the user database in Lemur 3012.
  • a role is assigned to the user based on the user' s personalized data and the role is configured and stored in a user access database hosted at an access management server 3007 via Lemur 3012.
  • FIG. 31 shows a GUI 3101 in Lemur to create a new user.
  • clicking a settings function 3105 presents a drop down box with various options such as roles 3110, users 3115 and domains.
  • the users option 3115 is chosen and clicking the create button 3145 causes a 'create user' screen 3102 to be presented.
  • the screen 3102 enables inputting information related to various user credentials such as, for example, name 3120, email 3125, password 3130 and existing roles 3135 that can be assigned to the user.
  • a toggle button 3140 can be set to activate or deactivate the user account.
  • the new user account is created and saved on clicking the ' save' button 3150.
  • the roles option 3110 is chosen and clicking the create button 3145 causes a 'create role' screen 3202 to be presented, as shown in FIG. 32.
  • the screen 3202 enables inputting information related to various role related credentials such as, for example, name of the role 3205, description of the role 3210, username 3215, password 3220, and users 3225 that would be assigned the role 3205.
  • the role 3205 is created and saved on clicking the 'save' button 3230.
  • a unique user ID is already stored in the user database.
  • presence of an associated public key certificate is checked in the user database. If a certificate does not exist then, a public key certificate is created and stored in the user database. Thereafter, presence of a role (corresponding to the existing user) is also checked in the user access database. If no role is already assigned to the existing user then a role is assigned to the existing user based on his personalized data. The assigned role is configured and stored in the user access database hosted at the access management server 3007 via Lemur 3012.
  • a cloud based HSM 3017 generates a unique RSA public and private key pair via Lemur 3012. Since the user 3002 has an associated unique user ID, Lemur 3012 sends the user's unique ID to HSM 3017.
  • HSM 3017 performs the following operations: obtains the unique RSA public and private key pair generated in the initialization phase, masks (as discussed with reference to FIG. 29) the RSA private key with the user's unique ID to generate the user's unique private key and stores the user's unique private key.
  • the user 3002 opens a web interface to the cloud based shared data storage system 3022, logs in using his credentials such as user name and password and requests access, to the system 3022, with his public key certificate via Lemur 3012.
  • Lemur 3012 sends the user's access request to the access management server 3007 for validation.
  • the access management server 3007 grants role based access to the user via Lemur, at step 3030.
  • the user 3002 is able to access the system 3022.
  • the user 3002 uploads his data on to the cloud based system 3022 at step 3040.
  • the system 3022 sends the uploaded data to an encryption server 3032.
  • the encryption server 3032 accesses the user's public key certificate from the HSM 3017 and uses the public key to generate encrypted data.
  • the server 3032 sends the encrypted data either back to the cloud based system 3022 for storage or to an FHE server 3042 for further computational operations.
  • the FHE server 3042 performs FHE operations on the encrypted data either received from the encryption server 3032 or retrieved from the cloud based system 3022.
  • the FHE server 3042 sends FHE encrypted data to the HSM 3017.
  • the HSM 3017 performs decryption operation (on the received FHE encrypted data) using the user's unique private key to generate decrypted FHE user data.
  • the decrypted FHE user data is forwarded by the HSM 3017 to the cloud based system 3022, at step 3070.
  • the cloud based system 3022 forwards the decrypted FHE user data to Lemur
  • Lemur 3012 sends decrypted FHE user data access request to the access management server 3007 for validation.
  • the access management server 3007 grants role based access to the user to the decrypted FHE user data via Lemur, at step 3085.
  • the user 3002 is able to access the decrypted FHE user data.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

Les systèmes de chiffrement partiellement homomorphes peuvent être transformés en systèmes de chiffrement entièrement homomorphes. Des données de texte en clair d'entrée sont transformées en données de texte en clair modifiées à l'aide d'une opération de nombres premiers et les données de texte en clair modifiées sont ensuite chiffrées à l'aide d'un nombre quelconque de schémas de chiffrement classiques. Des calculs souhaités sur les données chiffrées sont transformés en opérations homomorphes, sur la base de la nature du format de chiffrement, et les opérations homomorphes sont appliquées pour produire des données chiffrées manipulées. Les données chiffrées manipulées peuvent être déchiffrées et les données de texte en clair déchiffrées peuvent être modifiées en données de texte en clair finales à l'aide d'une opération de nombre premier similaire telle qu'appliquée pendant le chiffrement.
PCT/US2018/059058 2017-11-07 2018-11-02 Systèmes et procédés pour mettre en œuvre une transformation homomorphique évolutive et efficace de données chiffrées avec une expansion de données minimale et une efficacité de traitement améliorée WO2019094303A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US15/805,916 2017-11-07
US15/805,916 US10333696B2 (en) 2015-01-12 2017-11-07 Systems and methods for implementing an efficient, scalable homomorphic transformation of encrypted data with minimal data expansion and improved processing efficiency

Publications (1)

Publication Number Publication Date
WO2019094303A1 true WO2019094303A1 (fr) 2019-05-16

Family

ID=66437997

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2018/059058 WO2019094303A1 (fr) 2017-11-07 2018-11-02 Systèmes et procédés pour mettre en œuvre une transformation homomorphique évolutive et efficace de données chiffrées avec une expansion de données minimale et une efficacité de traitement améliorée

Country Status (1)

Country Link
WO (1) WO2019094303A1 (fr)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2020245829A1 (fr) * 2019-06-05 2020-12-10 Nitromia Ltd Exécution accélérée d'applications avec des données d'entrée chiffrées de manière entièrement homomorphe
WO2020248079A1 (fr) * 2019-06-13 2020-12-17 Shield Crypto Systems Inc. Mémorisation, transfert et calcul d'informations sécurisées
US20210160048A1 (en) * 2019-11-27 2021-05-27 Duality Technologies, Inc. Recursive algorithms with delayed computations performed in a homomorphically encrypted space
US11032061B2 (en) * 2018-04-27 2021-06-08 Microsoft Technology Licensing, Llc Enabling constant plaintext space in bootstrapping in fully homomorphic encryption
CN114513482A (zh) * 2022-01-11 2022-05-17 德明尚品科技集团有限公司 基于区块链的电子邮箱管理方法与系统
CN116800512A (zh) * 2023-07-06 2023-09-22 山东大学 一种药品数据多方匹配方法、装置和存储介质

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20110243201A1 (en) * 2010-03-31 2011-10-06 Fred William Phillips Broadband transceiver and distributed antenna system utilizing same
US20120039463A1 (en) * 2010-08-16 2012-02-16 International Business Machines Corporation Fast Evaluation Of Many Polynomials With Small Coefficients On The Same Point
US8515058B1 (en) * 2009-11-10 2013-08-20 The Board Of Trustees Of The Leland Stanford Junior University Bootstrappable homomorphic encryption method, computer program and apparatus
US20150356281A1 (en) * 2012-12-28 2015-12-10 Koninklijke Kpn N.V. Secure Watermarking of Content
US20160032692A1 (en) * 2014-07-30 2016-02-04 Shell Oil Company Induced control excitation for enhanced reservoir flow characterization

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8515058B1 (en) * 2009-11-10 2013-08-20 The Board Of Trustees Of The Leland Stanford Junior University Bootstrappable homomorphic encryption method, computer program and apparatus
US20110243201A1 (en) * 2010-03-31 2011-10-06 Fred William Phillips Broadband transceiver and distributed antenna system utilizing same
US20120039463A1 (en) * 2010-08-16 2012-02-16 International Business Machines Corporation Fast Evaluation Of Many Polynomials With Small Coefficients On The Same Point
US20150356281A1 (en) * 2012-12-28 2015-12-10 Koninklijke Kpn N.V. Secure Watermarking of Content
US20160032692A1 (en) * 2014-07-30 2016-02-04 Shell Oil Company Induced control excitation for enhanced reservoir flow characterization

Cited By (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11032061B2 (en) * 2018-04-27 2021-06-08 Microsoft Technology Licensing, Llc Enabling constant plaintext space in bootstrapping in fully homomorphic encryption
WO2020245829A1 (fr) * 2019-06-05 2020-12-10 Nitromia Ltd Exécution accélérée d'applications avec des données d'entrée chiffrées de manière entièrement homomorphe
WO2020248079A1 (fr) * 2019-06-13 2020-12-17 Shield Crypto Systems Inc. Mémorisation, transfert et calcul d'informations sécurisées
US20220245262A1 (en) * 2019-06-13 2022-08-04 Shield Crypto Systems Inc. Secure information storage, transfer and computing
EP4026032A4 (fr) * 2019-06-13 2023-11-08 Lorica Cybersecurity Inc. Mémorisation, transfert et calcul d'informations sécurisées
US20210160048A1 (en) * 2019-11-27 2021-05-27 Duality Technologies, Inc. Recursive algorithms with delayed computations performed in a homomorphically encrypted space
US11616635B2 (en) * 2019-11-27 2023-03-28 Duality Technologies, Inc. Recursive algorithms with delayed computations performed in a homomorphically encrypted space
CN114513482A (zh) * 2022-01-11 2022-05-17 德明尚品科技集团有限公司 基于区块链的电子邮箱管理方法与系统
CN114513482B (zh) * 2022-01-11 2024-03-22 德明尚品科技集团有限公司 基于区块链的电子邮箱管理方法与系统
CN116800512A (zh) * 2023-07-06 2023-09-22 山东大学 一种药品数据多方匹配方法、装置和存储介质
CN116800512B (zh) * 2023-07-06 2024-04-19 山东大学 一种药品数据多方匹配方法、装置和存储介质

Similar Documents

Publication Publication Date Title
US10333696B2 (en) Systems and methods for implementing an efficient, scalable homomorphic transformation of encrypted data with minimal data expansion and improved processing efficiency
US20190386814A1 (en) Systems and Methods for Implementing an Efficient, Scalable Homomorphic Transformation of Encrypted Data with Minimal Data Expansion and Improved Processing Efficiency
Rawal et al. Multi-tier stack of block chain with proxy re-encryption method scheme on the internet of things platform
Archer et al. From keys to databases—real-world applications of secure multi-party computation
Yang et al. A zero-knowledge-proof-based digital identity management scheme in blockchain
Garrido et al. Revealing the landscape of privacy-enhancing technologies in the context of data markets for the IoT: A systematic literature review
WO2019094303A1 (fr) Systèmes et procédés pour mettre en œuvre une transformation homomorphique évolutive et efficace de données chiffrées avec une expansion de données minimale et une efficacité de traitement améliorée
CA3144715A1 (fr) Systemes et procedes pour infrastructure a chaines de blocs a permissions avec controle d'acces a granularite fine et messagerie de publication/d'abonnement preservant la confidentialite
Sun et al. Research on logistics information blockchain data query algorithm based on searchable encryption
Zhang et al. A general framework to design secure cloud storage protocol using homomorphic encryption scheme
Corena et al. Secure and fast aggregation of financial data in cloud-based expense tracking applications
JP2023043870A (ja) ユーザ・データ・プライバシを管理するための方法及びシステム
Rosa et al. Blockchain structures to guarantee logging integrity of a digital platform to support community-dwelling older adults
Sinha et al. Luciditee: A tee-blockchain system for policy-compliant multiparty computation with fairness
Talviste Applying secure multi-party computation in practice
Hong et al. Constructing conditional PKEET with verification mechanism for data privacy protection in intelligent systems
Antony Saviour et al. IPFS based file storage access control and authentication model for secure data transfer using block chain technique
Meneghetti et al. On the equivalence of two post-quantum cryptographic families
US20230246817A1 (en) Systems and methods for generating secure, encrypted communications across distributed computer networks for authorizing use of cryptography-based digital repositories in order to perform blockchain operations in decentralized applications
US20230246822A1 (en) Systems and methods for providing secure, encrypted communications across distributed computer networks by coordinating cryptography-based digital repositories in order to perform blockchain operations in decentralized applications
JP2023098847A (ja) 装置、方法、コンピュータプログラム(プライバシー保護ブロックチェーンの選択的監査プロセス)
Karumanchi et al. An efficient integrity based multi-user blockchain framework for heterogeneous supply chain management applications
Liu et al. Privacy-preserving dynamic auditing for regenerating code-based storage in cloud-fog-assisted IIoT
Li et al. Privacy protection for medical image management based on blockchain
US11836263B1 (en) Secure multi-party computation and communication

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 18875128

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 18875128

Country of ref document: EP

Kind code of ref document: A1