WO2020036125A1 - 秘密強写像計算システム、これらの方法、秘密計算装置及びプログラム - Google Patents
秘密強写像計算システム、これらの方法、秘密計算装置及びプログラム Download PDFInfo
- Publication number
- WO2020036125A1 WO2020036125A1 PCT/JP2019/031475 JP2019031475W WO2020036125A1 WO 2020036125 A1 WO2020036125 A1 WO 2020036125A1 JP 2019031475 W JP2019031475 W JP 2019031475W WO 2020036125 A1 WO2020036125 A1 WO 2020036125A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- vector
- share
- secret
- units
- permutation
- Prior art date
Links
- 238000004364 calculation method Methods 0.000 title claims abstract description 59
- 238000013507 mapping Methods 0.000 title claims abstract description 38
- 238000000034 method Methods 0.000 title description 59
- 239000013598 vector Substances 0.000 claims abstract description 371
- 238000000605 extraction Methods 0.000 claims abstract description 29
- 238000006467 substitution reaction Methods 0.000 claims abstract description 23
- 230000008878 coupling Effects 0.000 claims description 19
- 238000010168 coupling process Methods 0.000 claims description 19
- 238000005859 coupling reaction Methods 0.000 claims description 19
- 238000012545 processing Methods 0.000 description 53
- 238000007493 shaping process Methods 0.000 description 16
- 230000002159 abnormal effect Effects 0.000 description 13
- 238000010586 diagram Methods 0.000 description 9
- 238000004891 communication Methods 0.000 description 8
- XLYOFNOQVPJJNP-UHFFFAOYSA-N water Substances O XLYOFNOQVPJJNP-UHFFFAOYSA-N 0.000 description 8
- 230000006870 function Effects 0.000 description 5
- 229940079593 drug Drugs 0.000 description 4
- 239000003814 drug Substances 0.000 description 4
- 239000000203 mixture Substances 0.000 description 4
- 239000002131 composite material Substances 0.000 description 3
- 238000013461 design Methods 0.000 description 2
- 239000011159 matrix material Substances 0.000 description 2
- 238000004422 calculation algorithm Methods 0.000 description 1
- 238000007796 conventional method Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/30—Arrangements for executing machine instructions, e.g. instruction decode
- G06F9/30003—Arrangements for executing specific machine instructions
- G06F9/30007—Arrangements for executing specific machine instructions to perform operations on data operands
- G06F9/30036—Instructions to perform operations on packed data, e.g. vector, tile or matrix operations
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/30—Arrangements for executing machine instructions, e.g. instruction decode
- G06F9/30003—Arrangements for executing specific machine instructions
- G06F9/30007—Arrangements for executing specific machine instructions to perform operations on data operands
- G06F9/3001—Arithmetic instructions
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/30—Arrangements for executing machine instructions, e.g. instruction decode
- G06F9/38—Concurrent instruction execution, e.g. pipeline or look ahead
- G06F9/3836—Instruction issuing, e.g. dynamic instruction scheduling or out of order instruction execution
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/085—Secret sharing or secret splitting, e.g. threshold schemes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/46—Secure multiparty computation, e.g. millionaire problem
Definitions
- the present invention relates to a technique for calculating a mapping in a secret calculation.
- Non-Patent Document 1 As a conventional technique for calculating a mapping, a mapping protocol described in Non-Patent Document 1 is known.
- the domain is an interval ([1, 3] ⁇ 1, [4, ⁇ 8] ⁇ 5, [9, 10] ⁇ ⁇ 2, etc. There is no omission in the domain) Abnormal value could not be detected.
- the object of the present invention is to provide a secret strong mapping calculation system capable of calculating a mapping while detecting an abnormal value, a method thereof, a secret calculation device, and a program.
- a strong secret map calculation system is a secret combination calculation system including a plurality of secret calculation devices, wherein F k and F v are any rings, and ⁇ is an arbitrary vector or permutation [ ⁇ ] is the share ⁇ is secret sharing, m, n is 1 or more predetermined integer, u is a predetermined value, r ⁇ F k m is a predetermined vector elements are different from each other, d ⁇ F v m, is x ⁇ F k n is a predetermined vector, the plurality of secure computing apparatus, using the Share [r] and share of the vector x [x] of the vector r, the vector and the vector r and the vector x A vector k ⁇ [F k ] obtained by combining the same vector as r and a plurality of first vector combining units that generate a share [k] of 2m + n , and a permutation that stably sorts the vector k using the share [k] Using a plurality of secret calculation devices, wherein
- each element is a vector ⁇ (y which is the sum of u and the sum of elements up to the element corresponding to each element including the element corresponding to that element of the vector ⁇ (v).
- a plurality of first vector extraction units that obtain a share [y] of a vector y obtained by extracting the (m + 1) th element to the (m + n) th element of ⁇ 1 ( ⁇ (y)).
- ⁇ Mapping can be calculated while detecting outliers.
- FIG. 1 is a diagram exemplifying a functional configuration of a secret strong map calculation system and a secret combination system.
- FIG. 2 is a diagram illustrating a functional configuration of a secret calculation device for calculating a strong secret mapping.
- FIG. 3 is a diagram exemplifying a processing procedure of the secret strong mapping calculation method.
- FIG. 4 is a diagram exemplifying a functional configuration of a secret calculation device of a secret connection system that performs left outer connection.
- FIG. 5 is a diagram illustrating a processing procedure of a secret combining method for performing left outer combining.
- FIG. 6 is a diagram exemplifying a functional configuration of a secret calculation device of a secret combination system that performs right-left outer coupling.
- FIG. 1 is a diagram exemplifying a functional configuration of a secret strong map calculation system and a secret combination system.
- FIG. 2 is a diagram illustrating a functional configuration of a secret calculation device for calculating a strong secret
- FIG. 7 is a diagram illustrating a processing procedure of a secret combining method for performing right outer combining.
- FIG. 8 is a diagram exemplifying a functional configuration of a secret calculation device of a secret connection system that performs a complete outer connection.
- FIG. 9 is a diagram exemplifying a processing procedure of a secret combining method for performing complete outer combining.
- the secret strong mapping calculation system includes N ( ⁇ 2) secret calculation devices 1 1 ,..., 1 N.
- each of the secure computing devices 1 1 ,..., 1 N is connected to the communication network 2.
- the communication network 2 is a circuit-switched or packet-switched communication network configured so that connected devices can communicate with each other.
- the Internet for example, the Internet, a LAN (Local Area Network), and a WAN (Wide Area Network) And so on. Note that each device does not necessarily need to be able to communicate online via the communication network 2.
- secure computing apparatus 1 1, ..., and stores information to be input to the 1 N in a portable recording medium such as a magnetic tape or a USB memory, secure computing apparatus 1 1 from the portable recording medium, ..., offline to 1 N May be configured to be input.
- a portable recording medium such as a magnetic tape or a USB memory
- the secret calculation device 1 n of the secret strong mapping calculation system includes a first vector combination unit 11 n , a first permutation calculation unit 12 n , a first vector generation unit 13 n , and a second vector combination. It has a unit 14 n , a first replacement application unit 15 n , a second vector generation unit 16 n , a first reverse replacement application unit 17 n , and a first vector extraction unit 18 n .
- the secret strong map calculation method of the embodiment is realized.
- the processing of each step is performed by secret calculation. That is, the secret computing device 1 n performs the processing of each step without restoring the share, in other words, without knowing the contents of the share.
- Secure computing apparatus 1 n for example, a central processing unit (CPU: Central Processing Unit), a main memory (RAM: Random Access Memory) special program known or special purpose computer having like are configured read and It is a special device.
- the secret computing device 1 n executes each process under the control of the central processing unit, for example.
- the data input to the secure computing device 1 n and the data obtained in each process are stored in, for example, a main storage device, and the data stored in the main storage device is read out to a central processing unit as needed. Used for other processing.
- At least a part of each component of the secure computing device 1n may be configured by hardware such as an integrated circuit.
- ⁇ is an arbitrary vector or an arbitrary permutation
- [ ⁇ ] is a share in which ⁇ is secretly shared.
- the vector y (2, -1,1, -1,5) is obtained.
- Step S1> The share [r] of the vector r and the share [x] of the vector x are input to the first vector combining units 11 1 ,..., 11 N.
- the first vector combining units 11 1 ,..., 11 N generate a share [k] of the vector k ⁇ [F k ] 2m + n obtained by combining the vector r, the vector x, and the same vector as the vector r (step S1). ).
- the generated share [k] is output to the first permutation calculators 12 1 ,..., 12 N.
- vector k (1,3,2,1,0,2,5,3,1,3,2).
- Step S2> The share [k] is input to the first permutation calculators 12 1 ,..., 12 N.
- the first permutation calculators 12 1 ,..., 12 N use the share [k] to generate a share [ ⁇ ] of the permutation ⁇ that stably sorts the vector k (step S2).
- the share [ ⁇ ] is output to the first vector generation units 13 1 ,..., 13 N.
- the replacement ⁇ (4,0,3,8,2,5, 10,1,7,9,6).
- the generation of the share [ ⁇ ] of the replacement ⁇ for performing the stable sorting can be realized by, for example, the method of Reference 1.
- Reference 1 Dai Igarashi, Hiroki Hamada, Ryo Kikuchi, Koji Senda, "Design and Implementation of Ultra-Fast Secret Computing Sort: The Day Secret Computing Arranges in Script Language", CSS2017, 2017
- Step S3> The share [d] and u of the vector d are input to the first vector generation units 13 1 ,..., 13 N.
- the first vector generation units 13 1 ,..., 13 N generate shares [d ′] of a vector d ′ which is a vector obtained by subtracting u from each element of the vector d using the shares [d] and u. (Step S3).
- the second vector coupling units 14 1 ,..., 14 N are vectors obtained by inverting the sign of the vector d ′, the zero vector having n elements, and the elements of the vector d ′ using the share [d ′].
- a share [v] of a vector v ⁇ [F v ] 2m + n obtained by combining a certain vector -d ′ is generated (step S4).
- the share [v] is output to the first replacement application units 15 1 ,..., 15 N.
- Step S5> The share [v] and the share [ ⁇ ] are input to the first replacement application units 15 1 ,..., 15 N.
- First substitution applying section 15 1, ..., 15 N generates, share [v] and using the Share [sigma], the share of the vector sigma applying the substitution sigma vector v (v) [ ⁇ (v )] (Step S5).
- the share [ ⁇ (v)] is output to the second vector generation units 16 1 ,..., 16 N.
- the second vector generation units 16 1 ,..., 16 N use the share [ ⁇ (v)], and each element corresponds to each element including the element corresponding to that element of the vector ⁇ (v).
- a share [ ⁇ (y)] of the vector ⁇ (y) that is the sum of the elements up to the element and u is generated (step S6).
- the second vector generation units 16 1 ,..., 16 N calculate the prefix-sum of the vector ⁇ (v) with the initial value u, and set it as ⁇ (y).
- the share [ ⁇ (y)] is output to the first reverse replacement application units 17 1 ,..., 17 N.
- the vector ⁇ (v) (0,3,0, -3,2,0, -2,6,0, -6,0)
- the vector ⁇ (y) (-1, 2,2, -1,1,1, -1,5,5, -1, -1).
- Step S7 First inverse permutation application unit 17 1, ..., a 17 N, Share [ ⁇ (y)] and shares [sigma] is input.
- the first inverse replacement application units 17 1 ,..., 17 N use the share [ ⁇ (y)] and the share [ ⁇ ] to apply the vector ⁇ (y) to the inverse ⁇ ⁇ 1 of the replacement ⁇ . -1 ( ⁇ (y)) share of [ ⁇ -1 ( ⁇ (y) )] to produce a (step S7).
- the share [ ⁇ ⁇ 1 ( ⁇ (y))] is output to the first vector extraction units 18 1 ,..., 18 N.
- the first vector extraction units 18 1 ,..., 18 N use the share [ ⁇ ⁇ 1 ( ⁇ (y))] to calculate the m + 1-th to m + n-th vectors of the vector ⁇ ⁇ 1 ( ⁇ (y)). Then, a share [y] of the vector y from which the element is extracted is obtained (step S8).
- the mapping can be calculated while detecting the abnormal value.
- the secret combination system includes N ( ⁇ 2) secret calculation devices 1 1 ,..., 1 N , similarly to the strong secret map calculation system.
- each of the secure computing devices 1 1 ,..., 1 N is connected to the communication network 2.
- the communication network 2 is a circuit-switched or packet-switched communication network configured so that connected devices can communicate with each other.
- the Internet a LAN (Local Area Network), and a WAN (Wide Area Network) And so on. Note that each device does not necessarily need to be able to communicate online via the communication network 2.
- secure computing apparatus 1 1, ..., and stores information to be input to the 1 N in a portable recording medium such as a magnetic tape or a USB memory, secure computing apparatus 1 1 from the portable recording medium, ..., offline to 1 N May be configured to be input.
- a portable recording medium such as a magnetic tape or a USB memory
- the secret calculation device 1 n of the secret combination system includes a first vector combination unit 11 n , a first permutation calculation unit 12 n , a first vector generation unit 13 n , and a second vector combination unit 14.
- the second inverse permutation application unit 111 n , the second vector extraction unit 112 n , the modified second table generation unit 113 n , the third permutation application unit 114 n , the fourth vector generation unit 115 n , the shift unit 116 n , and the third It includes an inverse replacement applying unit 117 n , a bit inverting unit 118 n , a third vector extracting unit 119 n , a modified first table generating unit 120 n , a first table combining unit 121 n , and a first table shaping unit 122 n .
- the first vector combination portion 11 n in the secure computing apparatus 1 n, first substitution calculator 12 n, first vector generating unit 13 n, the second vector combination portion 14 n, first The replacement application unit 15 n , the second vector generation unit 16 n , the first inverse replacement application unit 17 n , and the first vector extraction unit 18 n can be said to be parts corresponding to the secret strong mapping calculation system.
- the secret combining method according to the embodiment is realized by performing the processing of each step.
- the processing of each step is performed by secret calculation. That is, the secret computing device 1 n performs the processing of each step without restoring the share, in other words, without knowing the contents of the share.
- Secure computing apparatus 1 n for example, a central processing unit (CPU: Central Processing Unit), a main memory (RAM: Random Access Memory) special program known or special purpose computer having like are configured read and It is a special device.
- the secret computing device 1 n executes each process under the control of the central processing unit, for example.
- the data input to the secure computing device 1 n and the data obtained in each process are stored in, for example, a main storage device, and the data stored in the main storage device is read out to a central processing unit as needed. Used for other processing.
- At least a part of each component of the secure computing device 1n may be configured by hardware such as an integrated circuit.
- the secret join system described below joins the first table and the second table to the left outside.
- the secret combining system described below combines records common to the first table and the second table and records existing only in the first table while maintaining confidentiality.
- m, n, L 1 and L 2 are integers of 1 or more. m, n, L 1 and L 2 may have the same value or different values.
- the first table has m records. Each of the m records has a single key, and the attribute value of one attribute L. k 1 ⁇ F k m is assumed to be a vector of keys of the first table. Assume that there are no duplicate keys in the first table.
- the second table has n records. Each of the n records has one key and attribute values of L 2 attributes. Let k 2 ⁇ F k n be the vector of keys in the second table. It is assumed that there may be duplicate keys in the second table.
- v 1 can be a vector obtained by connecting the attribute values of a plurality of attributes.
- the first table has two records and includes attribute values of two attributes.
- v 2 may be a vector obtained by connecting the attribute values of a plurality of attributes.
- a vector having a ring as an element is also a ring
- data in which the values of the attributes included in a certain record are arranged can be regarded as a vector, that is, a ring.
- the second replacement application units 19 1 ,..., 19 N include m elements with each element being 1, n elements with each element being 0, and m elements with each element being ⁇ 1. Generate a share [ ⁇ (g)] of the vector ⁇ (g) obtained by applying the substitution ⁇ to the vector g using the share [g] and the share [ ⁇ ] of the vector g ⁇ [F] 2m + n obtained by combining (Step S9).
- the share [ ⁇ (g)] is output to the third vector generation units 110 1 ,..., 110 N.
- each column (i, j) T of the replacement ⁇ means that the i-th element of the vector to which the replacement is applied is moved to the j-th element.
- the third vector generation units 110 1 ,..., 110 N use the share [ ⁇ (g)], and each element corresponds to each element of the vector ⁇ (g), including the element corresponding to that element.
- the third vector generation units 110 1 ,..., 110 N calculate the prefix-sum of ⁇ (g) and set it as ⁇ (g ′).
- the share [ ⁇ (g ′)] is output to the second reverse permutation application units 111 1 ,..., 111 N.
- ⁇ (g) (1,0, -1,1, -1,0,1,0,0, -1)
- ⁇ (g ′) (1,1,0, 1,0,0,1,1,1,0).
- the share [g '] is output to the second vector extraction units 112 1 ,..., 112 N.
- ⁇ (g ′) (1,1,0,1,0,0,1,1,1,0)
- g ′ (1,1,1,1,1,0 , 1,1,0,0,0).
- Step S12> The second vector extraction unit 112 1, ..., to 112 N, share [g '] is input.
- the second vector extraction units 112 1 ,..., 112 N use the share [g ′] to obtain the share [f1 ′] of the vector f1 ′ obtained by extracting the m + 1-th to m + n-th elements of the vector g ′. Is generated (step S12).
- the share [f1 '] is output to the modified second table generators 113 1 ,..., 113 N.
- f1 ′ (1,0, 1,1).
- Step S13> Modified second table generating unit 113 1, ..., to 113 N, share [f1 '] and shares [y] is input.
- a modified second table is generated by combining the vector f1 ', the table in which the i-th element of the attribute of the second table is uv2 , and the vector y (step S13).
- u v2 is a predetermined value.
- the modified second table is output to the first table combining units 121 1 ,..., 121 N.
- v 2 water, mix ole, drug, water
- f1 ' (1,0,1,1) and the vector is (100, -1,85,85)
- the modified second table is as shown below.
- i 1,..., N
- Step S14> Third substituted applying unit 114 1, ..., to 114 N, and m elements each element is 1, and n elements each element is 0, and m elements each element is -1 And the share [e] and the share [ ⁇ ] of the vector e ⁇ [F] 2m + n are input.
- the third permutation application units 114 1 ,..., 114 N use the share [e] and the share [ ⁇ ] of the vector e ⁇ [F] 2m + n to obtain a vector ⁇ (e) obtained by applying the substitution ⁇ to the vector e. Is generated (step S14).
- the share [ ⁇ (e)] is output to the fourth vector generation units 115 1 ,..., 115 N.
- Step S15 Fourth vector generation unit 115 1, ..., to 115 N, Share [ ⁇ (e)] is input.
- the fourth vector generation units 115 1 ,..., 115 N use the share [ ⁇ (e)], and each element corresponds to each element including the element corresponding to that element of the vector ⁇ (e).
- the fourth vector generation units 115 1 ,..., 115 N calculate the prefix-sum of ⁇ (e) and set it as ⁇ (e ′).
- the share [ ⁇ (e ')] is output to the shift units 116 1 ,..., 116 N.
- ⁇ (e) (1,0, -1,1, -1,0,1,0,0, -1)
- ⁇ (e ′) (1,1,0, 1,0,0,1,1,1,0).
- the shift units 116 1 ,..., 116 N use the share [ ⁇ (e ′)] to shift the elements of the vector ⁇ (e) one by one. e '')] is generated (step S16).
- the last element (rightmost element) of the vector ⁇ (e ′′) is For example, 0.
- the first element (the leftmost element) of the vector ⁇ (e ′′) Is, for example, 0.
- the share [ ⁇ (e ′′)] is output to the third reverse permutation application units 117 1 ,..., 117 N.
- the third inverse permutation applying unit 117 1 ,..., 117 N uses the share [ ⁇ (e ′′)] and the share [ ⁇ ] to add the inverse permutation ⁇ ⁇ 1 of the substitution ⁇ to the vector ⁇ (e ′′).
- a share [e ′′] of the applied vector e ′′ is generated (step S17).
- the share [e ′′] is output to the bit inverters 118 1 ,..., 118 N.
- the vector ⁇ (e ′′) (1,0,1,0,0,1,1,1,0,0), and the replacement ⁇ is ⁇ defined by the above equation (1).
- the vector e ′′ (1,0,1,0,1,1,0,1,0,0,0).
- the bit inverting units 118 1 ,..., 118 N use the share [e ′′] to generate the share [f] of the vector f obtained by inverting the elements 0 and 1 of the vector e ′′ (step S18). .
- the share [f] is output to the third vector extraction units 119 1 ,..., 119 N.
- the vector f (0,1,0,1,0,0, 1,0,1,1).
- the third vector extracting unit 119 1 ,..., 119 N generates a share [f ′] of the vector f ′ by extracting m elements from the left of the vector f using the share [f] (step S19). .
- the share [f '] is output to the modified first table generation units 120 1 ,..., 120 N.
- the vector f (0,1,0,1,0,0,1,0,1,1)
- the vector f ′ (0,1,0).
- the vector f ' represents the position of a record in only the first table.
- the vector f ′ (0,1,0) indicates that the second record of the first table exists only in the first table and does not exist in the second table.
- the modified first table is output to the first table combining units 121 1 ,..., 121 N.
- u k , uv 1 ⁇ 1
- the vector f ′ (0,1,0)
- the first table has three records
- the table is as follows.
- the first table combining units 121 1 ,..., 121 N generate a combined table obtained by combining the modified second table and the modified first table (step S21).
- the joining table is as shown below.
- a vector obtained by connecting the flag vectors f1 ′ and f ′ is denoted by f ′′.
- the first table shaping units 122 1 ,..., 122 N use the join table, the shares [f1 ′] and [f ′] to extract the elements of the vector f1 ′ and the vector f ′ (in other words, the vector f1 ′) from the join table.
- An element of the vector f ′′ obtained by combining the vector f ′ and the vector f ′) is extracted to generate a post-shape coupling table (step S22).
- the joined table after shaping is the following table.
- the first table shaping units 122 1 ,..., 122 N extract the records in which the element of the vector f ′′ is 1 after sorting by the vector f ′′ obtained by combining the vector f1 ′ and the vector f ′.
- a post-shaping join table may be generated.
- the share [f ′′] of the vector f ′′ may be made public.
- This post-shaping join table is a table in which the first table and the second table are left-outer joined.
- the secret coupling system and method performs a so-called right outer coupling.
- the secret combining system combines records common to the first table and the second table and records existing only in the second table while maintaining confidentiality.
- the secret combination system that performs the right outer join includes a second replacement application unit 19 n , a third vector extraction unit 110 n , a second reverse replacement application unit 111 n , a second vector extraction unit 112 n , and a modified second table generation unit 113 n , third permutation application unit 114 n , fourth vector generation unit 115 n , shift unit 116 n , third inverse permutation application unit 117 n , bit inversion unit 118 n , third vector extraction unit 119 n , modified first table A secret for performing left outer join except that a modified second table generating unit 123 n is provided instead of not including the generating unit 120 n , the first table combining unit 121 n , and the first table shaping unit 122 n. Similar to the coupling system.
- the secret combining method for performing the right outer join is the same as the secret combining method for performing the left outer join except that the processing from step S9 to step S22 is not performed, but the processing in step S23 is performed.
- the secret calculation device 1 n of the secret combination system includes a first vector combination unit 11 n , a first permutation calculation unit 12 n , a first vector generation unit 13 n , and a second vector combination unit 14. n , a first replacement application unit 15 n , a second vector generation unit 16 n , a first inverse replacement application unit 17 n , a first vector extraction unit 18 n , and a modified second table generation unit 123 n .
- the first vector combination portion 11 n in the secure computing apparatus 1 n can be said to be parts corresponding to the secret strong mapping calculation system.
- the modified second table generating units 123 1 ,..., 122 N generate a modified second table combining the second table and the vector y using the share [y] (step S23).
- This modified second table is a table in which the first table and the second table are joined to the right.
- the secret coupling system and method performs a so-called perfect outer coupling.
- this secret combination system joins a record common to the first table and the second table, a record existing only in the first table, and a record existing only in the second table while maintaining confidentiality. .
- the secret combining system that performs the complete outer join does not include the first table combining unit 121 n and the first table shaping unit 122 n, but includes a second table shaping unit 124 n and a second table combining unit 125 n. Except for this point, it is the same as the secret coupling system performing left outer coupling and the secret coupling system performing right outer coupling.
- the secret combining method of performing a full outer join is based on the secret combining method of performing a left outer join and the right outer combining except that the processes of steps S21 and S22 are not performed, but the processes of steps S24 and S25 are performed. This is the same as the secret combining method performed.
- the secret calculation device 1 n of the secret combination system includes a first vector combination unit 11 n , a first permutation calculation unit 12 n , a first vector generation unit 13 n , and a second vector combination unit 14.
- a first replacement application unit 15 n a second vector generation unit 16 n , a first inverse replacement application unit 17 n , a first vector extraction unit 18 n , a second replacement application unit 19 n , and a third vector extraction unit 110 n
- the second inverse permutation application unit 111 n the second vector extraction unit 112 n , the modified second table generation unit 113 n , the third permutation application unit 114 n , the fourth vector generation unit 115 n , the shift unit 116 n , and the third Inverse permutation application section 117 n , bit inversion section 118 n , third vector extraction section 119 n , modified first table generation section 120 n , first table combining section 121 n , first table shaping section 122 n , modified second table generator 123 n, a Table shaping unit 124 n, and a second table coupling part 125 n.
- the first vector combination portion 11 n in the secure computing apparatus 1 n can be said to be parts corresponding to the secret strong mapping calculation system.
- the processing from ⁇ Step S1> to ⁇ Step S8> is performed.
- the processing from ⁇ Step S1> to ⁇ Step S8> is the same as the processing from ⁇ Step S1> to ⁇ Step S8> described in the section of [Secret Strong Mapping Calculation System and Method], and thus redundant description is omitted here. I do.
- ⁇ Step S23> is performed.
- the process of ⁇ Step S23> is the same as the process of ⁇ Step S23> described in the section of [Secret Combination System and Method for Performing Right Outer Combination], and thus, redundant description is omitted here.
- the processing from ⁇ Step S9> to ⁇ Step S20> is the same as the processing from ⁇ Step S9> to ⁇ Step S20> described in the section of [Secret Combination System and Method for Performing Left Outer Combination]. Description is omitted.
- the second table shaping units 124 1 ,..., 124 N use the deformed first table, the share [f ′], and perform the first deformed deformed first extraction of the record in which the element of the vector f ′ is 1 from the first deformed table.
- a table is generated (Step S24).
- the first modified table is output to the second table combining units 125 1 ,..., 125 N.
- the first modified table is the table of (B) above, the first modified table will be the following table.
- Step S25> The second table coupling unit 125 1, ..., to 125 N, deformation second table and shaping after deformation the first table is input.
- the second table coupling unit 125 1, ..., 125 N produces a binding table that combines the modified second table and shaping after deformation first table (step S25).
- the joining table is as follows.
- This table is a table in which the first table and the second table are completely connected.
- z may be a positive integer of 2 or more, and the key attribute may be a composite key of z attributes.
- the process of step S1 may be performed as follows.
- each element of k 0 can be represented by 2 bits.
- (k 0 ) 0 is the lower bit when k 0 is bit-decomposed
- each row of this matrix is regarded as a bit representation of the key of one record, (1,2,3,1,3,4,5,1,2,3)
- a vector of the bit representation of the key is obtained. This vector may be used as k used in step S2 and subsequent steps. In this way, a composite key can be processed.
- the key duplication is whether or not the key is duplicated from the viewpoint of the combination of the values of all key attributes, and it is assumed that the duplication of the value of each attribute is not regarded as the duplication. For example, the combinations (1,0) and (1,1) are not overlapping.
- a program describing this processing content can be recorded on a computer-readable recording medium.
- a computer-readable recording medium for example, any recording medium such as a magnetic recording device, an optical disk, a magneto-optical recording medium, and a semiconductor memory may be used.
- the distribution of the program is performed by selling, transferring, lending, or the like, a portable recording medium such as a DVD or a CD-ROM on which the program is recorded.
- the program may be stored in a storage device of a server computer, and the program may be distributed by transferring the program from the server computer to another computer via a network.
- the computer that executes such a program first stores, for example, a program recorded on a portable recording medium or a program transferred from a server computer in its own storage device. Then, when executing the processing, the computer reads the program stored in its own storage device and executes the processing according to the read program. As another execution form of the program, the computer may directly read the program from the portable recording medium and execute processing according to the program, and further, the program may be transferred from the server computer to the computer. Each time, the processing according to the received program may be sequentially executed.
- ASP Application ⁇ Service ⁇ Provider
- the program in the present embodiment includes information used for processing by the computer and which is similar to the program (data that is not a direct command to the computer but has characteristics that define the processing of the computer).
- the present apparatus is configured by executing a predetermined program on a computer, but at least a part of the processing contents may be realized by hardware.
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Computer Security & Cryptography (AREA)
- Mathematical Physics (AREA)
- Computational Mathematics (AREA)
- Mathematical Analysis (AREA)
- Mathematical Optimization (AREA)
- Pure & Applied Mathematics (AREA)
- Complex Calculations (AREA)
- Storage Device Security (AREA)
Abstract
Description
図1を参照して、実施形態の秘密強写像計算システムの構成例を説明する。秘密強写像計算システムは、N(≧2)台の秘密計算装置11,…,1Nを含む。本形態では、秘密計算装置11, …, 1Nはそれぞれ通信網2へ接続されている。通信網2は、接続される各装置が相互に通信可能なように構成された回線交換方式もしくはパケット交換方式の通信網であり、例えばインターネットやLAN(Local Area Network)、WAN(Wide Area Network)などである。なお、各装置は必ずしも通信網2を介してオンラインで通信可能である必要はない。例えば、秘密計算装置11, …, 1Nへ入力する情報を磁気テープやUSBメモリなどの可搬型記録媒体に記憶し、その可搬型記録媒体から秘密計算装置11, …,1Nへオフラインで入力するように構成してもよい。
第一ベクトル結合部111,…,11Nに、ベクトルrのシェア[r]及びベクトルxのシェア[x]が入力される。
第一置換計算部121,…,12Nに、シェア[k]が入力される。
〔参考文献1〕五十嵐大、濱田浩気、菊池亮、千田浩司、「超高速秘密計算ソートの設計と実装:秘密計算がスクリプト言語に並ぶ日」、CSS2017、2017
第一ベクトル生成部131,…,13Nに、ベクトルdのシェア[d]とuとが入力される。
第二ベクトル結合部141,…,14Nに、シェア[d']が入力される。
第一置換適用部151,…,15Nに、シェア[v]及びシェア[σ]が入力される。
第二ベクトル生成部161,…,16Nに、シェア[σ(v)]が入力される。
第一逆置換適用部171,…,17Nに、シェア[σ(y)]及びシェア[σ]が入力される。
第一ベクトル抽出部181,…,18Nに、シェア[σ-1(σ(y))]が入力される。
図1を参照して、実施形態の秘密結合システムの構成例を説明する。この秘密結合システム及び方法は、いわゆる左外部結合を行うものである。左外部結合については後述する。
第二置換適用部191,…,19Nに、各要素が1であるm個の要素と、各要素が0であるn個の要素と、各要素が-1であるm個の要素とを結合したベクトルg∈[F]2m+nのシェア[g]及びシェア[σ]が入力される。ここで、Fは任意の環である。
第三ベクトル生成部1101,…,110Nに、シェア[σ(g)]が入力される。
第二逆置換適用部1111,…,111Nに、シェア[σ(g')]及びシェア[g']が入力される。
第二ベクトル抽出部1121,…,112Nに、シェア[g']が入力される。
変形第二テーブル生成部1131,…,113Nに、シェア[f1']及びシェア[y]が入力される。
第三置換適用部1141,…,114Nに、各要素が1であるm個の要素と、各要素が0であるn個の要素と、各要素が-1であるm個の要素とを結合したベクトルe∈[F]2m+nのシェア[e]及びシェア[σ]が入力される。
第四ベクトル生成部1151,…,115Nに、シェア[σ(e)]が入力される。
シフト部1161,…,116Nに、シェア[σ(e')]が入力される。
第三逆置換適用部1171,…,117Nに、シェア[σ(e'')]及びシェア[σ]が入力される。
ビット反転部1181,…,118Nに、シェア[e'']が入力される。
第三ベクトル抽出部1191,…,119Nに、シェア[f]が入力される。
変形第一テーブル生成部1201,…,120Nに、シェア[f']、シェア[r]及びシェア[d]が入力される。
第一テーブル結合部1211,…,121Nに、変形第二テーブルと変形第一テーブルとが入力される。
第一テーブル整形部1221,…,122Nに、シェア[f1']及び[f']が入力される。
図1を参照して、実施形態の秘密結合システムの構成例を説明する。この秘密結合システム及び方法は、いわゆる右外部結合を行うものである。言い換えれば、この秘密結合システムは、秘匿性を保ちつつ、第一テーブル及び第二テーブルに共通するレコードと、第二テーブルのみに存在するレコードとを結合する。
変形第二テーブル生成部1231,…,122Nに、シェア[y]が入力される。
図8を参照して、実施形態の秘密結合システムの構成例を説明する。この秘密結合システム及び方法は、いわゆる完全外部結合を行うものである。言い換えれば、この秘密結合システムは、秘匿性を保ちつつ、第一テーブル及び第二テーブルに共通するレコードと、第一テーブルのみに存在するレコードと、第二テーブルのみに存在するレコードとを結合する。
第二テーブル整形部1241,…,124Nに、シェア[f']が入力される。
第二テーブル結合部1251,…,125Nに、変形第二テーブル及び整形後変形第一テーブルが入力される。
以上、この発明の実施の形態について説明したが、具体的な構成は、これらの実施の形態に限られるものではなく、この発明の趣旨を逸脱しない範囲で適宜設計の変更等があっても、この発明に含まれることはいうまでもない。
上記説明した各装置における各種の処理機能をコンピュータによって実現する場合、各装置が有すべき機能の処理内容はプログラムによって記述される。そして、このプログラムをコンピュータで実行することにより、上記各装置における各種の処理機能がコンピュータ上で実現される。
Claims (4)
- 複数の秘密計算装置を含む秘密強写像計算システムであって、
Fk,Fvは任意の環であり、αを任意のベクトル又は置換として[α]はαが秘密分散されたシェアであり、m,nは1以上の所定の整数であり、uは所定の値であり、r∈Fk mは要素が互いに異なる所定のベクトルであり、d∈Fv m,x∈Fk nは所定のベクトルであり、
上記複数の秘密計算装置は、
上記ベクトルrのシェア[r]及び上記ベクトルxのシェア[x]を用いて、上記ベクトルrと上記ベクトルxと上記ベクトルrと同じベクトルとを結合したベクトルk∈[Fk]2m+nのシェア[k]を生成する複数の第一ベクトル結合部と、
上記シェア[k]を用いて、上記ベクトルkを安定ソートする置換σのシェア[σ]を生成する複数の第一置換計算部と、
上記ベクトルdのシェア[d]とuとを用いて、ベクトルdの各要素からuを減算したベクトルであるベクトルd'のシェア[d']を生成する複数の第一ベクトル生成部と、
上記シェア[d']を用いて、上記ベクトルd'と要素数がnである0ベクトルと上記ベクトルd'の各要素の正負を反転させたベクトルであるベクトル-d'とを結合したベクトルv∈[Fv]2m+nのシェア[v]を生成する複数の第二ベクトル結合部と、
上記シェア[v]及び上記シェア[σ]を用いて、上記ベクトルvに上記置換σを適用したベクトルσ(v)のシェア[σ(v)]を生成する複数の第一置換適用部と、
上記シェア[σ(v)]を用いて、各要素が、上記ベクトルσ(v)のその各要素に対応する要素を含むその各要素に対応する要素までの要素の和と上記uとの和であるベクトルσ(y)のシェア[σ(y)]を生成する複数の第二ベクトル生成部と、
上記シェア[σ(y)]及び上記シェア[σ]を用いて、上記ベクトルσ(y)に上記置換σの逆置換σ-1を適用したベクトルσ-1(σ(y))のシェア[σ-1(σ(y))]を生成する複数の第一逆置換適用部と、
上記シェア[σ-1(σ(y))]を用いて、上記ベクトルσ-1(σ(y))のm+1番目からm+n番目の要素を抽出したベクトルyのシェア[y]を得る複数の第一ベクトル抽出部と、
を含む秘密強写像計算システム。 - Fk,Fvは任意の環であり、αを任意のベクトル又は置換として[α]はαが秘密分散されたシェアであり、m,nは1以上の所定の整数であり、uは所定の値であり、r∈Fk mは要素が互いに異なる所定のベクトルであり、d∈Fv m,x∈Fk nは所定のベクトルであり、
複数の第一ベクトル結合部が、上記ベクトルrのシェア[r]及び上記ベクトルxのシェア[x]を用いて、上記ベクトルrと上記ベクトルxと上記ベクトルrと同じベクトルとを結合したベクトルk∈[Fk]2m+nのシェア[k]を生成する複数の第一ベクトル結合ステップと、
複数の第一置換計算部が、上記シェア[k]を用いて、上記ベクトルkを安定ソートする置換σのシェア[σ]を生成する複数の第一置換計算ステップと、
複数の第一ベクトル生成部が、上記ベクトルdのシェア[d]とuとを用いて、ベクトルdの各要素からuを減算したベクトルであるベクトルd'のシェア[d']を生成する複数の第一ベクトル生成ステップと、
複数の第二ベクトル結合部が、上記シェア[d']を用いて、上記ベクトルd'と要素数がnである0ベクトルと上記ベクトルd'の各要素の正負を反転させたベクトルであるベクトル-d'とを結合したベクトルv∈[Fv]2m+nのシェア[v]を生成する複数の第二ベクトル結合ステップと、
複数の第一置換適用部が、上記シェア[v]及び上記シェア[σ]を用いて、上記ベクトルvに上記置換σを適用したベクトルσ(v)のシェア[σ(v)]を生成する複数の第一置換適用ステップと、
複数の第二ベクトル生成部が、上記シェア[σ(v)]を用いて、各要素が、上記ベクトルσ(v)のその各要素に対応する要素を含むその各要素に対応する要素までの要素の和と上記uとの和であるベクトルσ(y)のシェア[σ(y)]を生成する複数の第二ベクトル生成ステップと、
複数の第一逆置換適用部が、上記シェア[σ(y)]及び上記シェア[σ]を用いて、上記ベクトルσ(y)に上記置換σの逆置換σ-1を適用したベクトルσ-1(σ(y))のシェア[σ-1(σ(y))]を生成する複数の第一逆置換適用ステップと、
複数の第一ベクトル抽出部が、上記シェア[σ-1(σ(y))]を用いて、上記ベクトルσ-1(σ(y))のm+1番目からm+n番目の要素を抽出したベクトルyのシェア[y]を得る複数の第一ベクトル抽出ステップと、
を含む秘密強写像計算方法。 - 請求項1の秘密強写像計算システムの秘密計算装置。
- 請求項3の秘密計算装置の各部としてコンピュータを機能させるためのプログラム。
Priority Applications (5)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP19849590.5A EP3839923B1 (en) | 2018-08-13 | 2019-08-08 | Secret strong mapping calculation system, method therefor, secret calculation device, and program |
CN201980053422.6A CN112567442B (zh) | 2018-08-13 | 2019-08-08 | 秘密强映射计算系统、它们的方法、秘密计算装置以及记录介质 |
JP2020537439A JP7067624B2 (ja) | 2018-08-13 | 2019-08-08 | 秘密強写像計算システム、これらの方法、秘密計算装置及びプログラム |
AU2019321329A AU2019321329B2 (en) | 2018-08-13 | 2019-08-08 | Secure strong mapping computing systems, methods, secure computing apparatus and program |
US17/267,813 US11886876B2 (en) | 2018-08-13 | 2019-08-08 | Secure strong mapping computing systems, methods, secure computing apparatus and program |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2018152411 | 2018-08-13 | ||
JP2018-152411 | 2018-08-13 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2020036125A1 true WO2020036125A1 (ja) | 2020-02-20 |
Family
ID=69525560
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/JP2019/031475 WO2020036125A1 (ja) | 2018-08-13 | 2019-08-08 | 秘密強写像計算システム、これらの方法、秘密計算装置及びプログラム |
Country Status (6)
Country | Link |
---|---|
US (1) | US11886876B2 (ja) |
EP (1) | EP3839923B1 (ja) |
JP (1) | JP7067624B2 (ja) |
CN (1) | CN112567442B (ja) |
AU (1) | AU2019321329B2 (ja) |
WO (1) | WO2020036125A1 (ja) |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2013157652A (ja) * | 2012-01-26 | 2013-08-15 | Nippon Telegr & Teleph Corp <Ntt> | 秘密計算システム、暗号化装置、秘密計算装置及びその方法、プログラム |
Family Cites Families (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP5297688B2 (ja) * | 2008-05-09 | 2013-09-25 | 株式会社日立製作所 | ベクトル秘匿型内積計算システム、ベクトル秘匿型内積計算方法及び暗号鍵共有システム |
JP5486520B2 (ja) * | 2011-01-21 | 2014-05-07 | 日本電信電話株式会社 | セキュア集合関数システム、秘密集合関数装置、セキュア集合関数処理方法、セキュア集合関数プログラム |
US9432188B2 (en) * | 2012-07-05 | 2016-08-30 | Nippon Telegraph And Telephone Corporation | Secret sharing system, data distribution apparatus, distributed data transform apparatus, secret sharing method and program |
JP6083234B2 (ja) * | 2012-12-27 | 2017-02-22 | 富士通株式会社 | 暗号処理装置 |
WO2015107951A1 (ja) * | 2014-01-17 | 2015-07-23 | 日本電信電話株式会社 | 秘密計算方法、秘密計算システム、ソート装置及びプログラム |
US10002547B2 (en) * | 2014-01-17 | 2018-06-19 | Nippon Telegraph And Telephone Corporation | Secret calculation method, secret calculation system, random permutation device, and program |
JP5860557B1 (ja) * | 2015-02-06 | 2016-02-16 | 日本電信電話株式会社 | 秘密公開方法、秘密公開システム、秘密公開装置、およびプログラム |
JP5872085B1 (ja) * | 2015-03-18 | 2016-03-01 | 日本電信電話株式会社 | 分散値変換システム、分散値変換装置、分散値変換方法、およびプログラム |
JP5957120B1 (ja) * | 2015-05-12 | 2016-07-27 | 日本電信電話株式会社 | 秘密分散方法、秘密分散システム、分散装置、およびプログラム |
JP5957126B1 (ja) * | 2015-06-24 | 2016-07-27 | 日本電信電話株式会社 | 秘密計算装置、秘密計算方法、およびプログラム |
JP6605746B2 (ja) | 2016-09-27 | 2019-11-13 | 日本電信電話株式会社 | 秘密等結合システム、秘密等結合装置、秘密等結合方法、プログラム |
WO2020036126A1 (ja) * | 2018-08-13 | 2020-02-20 | 日本電信電話株式会社 | 秘密結合システム、この方法、秘密計算装置及びプログラム |
-
2019
- 2019-08-08 EP EP19849590.5A patent/EP3839923B1/en active Active
- 2019-08-08 JP JP2020537439A patent/JP7067624B2/ja active Active
- 2019-08-08 CN CN201980053422.6A patent/CN112567442B/zh active Active
- 2019-08-08 US US17/267,813 patent/US11886876B2/en active Active
- 2019-08-08 AU AU2019321329A patent/AU2019321329B2/en active Active
- 2019-08-08 WO PCT/JP2019/031475 patent/WO2020036125A1/ja unknown
Patent Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2013157652A (ja) * | 2012-01-26 | 2013-08-15 | Nippon Telegr & Teleph Corp <Ntt> | 秘密計算システム、暗号化装置、秘密計算装置及びその方法、プログラム |
Non-Patent Citations (4)
Title |
---|
HASEGAWA, SATOSHI; HAMADA, KOKI; CHIDA, KOJI; OGISHIMA, SOICHI; MISAWA, KAZUHARU; NAGASAKI, MASAO: "Privacy Preserving Fisher's Test for GWAS", IPSJ SIG TECHNICAL REPORT. SECURITY PSYCHOLOGY & TRUST (SPT), vol. 2016-SPT-19, no. 39, 7 July 2016 (2016-07-07), pages 1 - 8, XP009525702 * |
IGARASHI, DAI; HAMADA, KOKI; KIKUCHI, RYO: "We have not realized the most important thing - Designs and implementations of secure outer-join protocols", PROCEEDINGS OF COMPUTER SECURITY SYMPOSIUM 2018 (CSS2018), 22-25 OCTOBER 2018, vol. 2018, no. 2, 15 October 2018 (2018-10-15), pages 1221 - 1228, XP009525699 * |
KOKI HAMADADAI IKARASHIKOJI CHIDA: "A Batch Mapping Algorithm for Secure Function Evaluation", THE TRANSACTIONS OF THE INSTITUTE OF ELECTRONICS, INFORMATION AND COMMUNICATION ENGINEERS, vol. J96-A, no. 4, pages 157 - 165, XP008184067 |
See also references of EP3839923A4 |
Also Published As
Publication number | Publication date |
---|---|
JPWO2020036125A1 (ja) | 2021-08-12 |
AU2019321329B2 (en) | 2021-12-16 |
CN112567442B (zh) | 2024-04-09 |
EP3839923B1 (en) | 2023-11-22 |
EP3839923A4 (en) | 2022-03-30 |
CN112567442A (zh) | 2021-03-26 |
JP7067624B2 (ja) | 2022-05-16 |
US20210182062A1 (en) | 2021-06-17 |
EP3839923A1 (en) | 2021-06-23 |
AU2019321329A1 (en) | 2021-03-04 |
US11886876B2 (en) | 2024-01-30 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US20200177366A1 (en) | Homomorphic data encryption method and apparatus for implementing privacy protection | |
US10074293B2 (en) | Secret calculation method, secret calculation system, sorting device, and program | |
WO2019208484A1 (ja) | 秘密集約総和システム、秘密計算装置、秘密集約総和方法、およびプログラム | |
CN112000632B (zh) | 密文的分享方法、介质、分享客户端及系统 | |
CN112805769B (zh) | 秘密s型函数计算系统、装置、方法及记录介质 | |
CN109791741B (zh) | 秘密等值连接系统、连接装置、连接方法、记录介质 | |
WO2020036126A1 (ja) | 秘密結合システム、この方法、秘密計算装置及びプログラム | |
JP6973633B2 (ja) | 秘密集約最大値システム、秘密集約最小値システム、秘密計算装置、秘密集約最大値方法、秘密集約最小値方法、およびプログラム | |
JP6585846B2 (ja) | 秘密計算システム、秘密計算装置、秘密計算方法、およびプログラム | |
JP2020519968A (ja) | ビット分解秘密計算装置、ビット結合秘密計算装置、方法およびプログラム | |
WO2020036125A1 (ja) | 秘密強写像計算システム、これらの方法、秘密計算装置及びプログラム | |
EP3246900B1 (en) | Matrix and key generation device, matrix and key generation system, matrix coupling device, matrix and key generation method, and program | |
JP7081663B2 (ja) | 秘密結合システム、方法、秘密計算装置及びプログラム | |
WO2020036127A1 (ja) | 秘密結合情報生成システム、秘密結合システム、これらの方法、秘密計算装置及びプログラム | |
CN111125301A (zh) | 文本方法及装置、电子设备和计算机可读存储介质 | |
WO2019188320A1 (ja) | 秘密重複排除フィルタ生成システム、秘密重複排除システム、これらの方法、秘密計算装置及びプログラム |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 19849590 Country of ref document: EP Kind code of ref document: A1 |
|
ENP | Entry into the national phase |
Ref document number: 2020537439 Country of ref document: JP Kind code of ref document: A |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
ENP | Entry into the national phase |
Ref document number: 2019321329 Country of ref document: AU Date of ref document: 20190808 Kind code of ref document: A |
|
ENP | Entry into the national phase |
Ref document number: 2019849590 Country of ref document: EP Effective date: 20210315 |