WO2022153383A1 - 秘密関係代数演算システム、秘密計算装置、秘密関係代数演算方法、およびプログラム - Google Patents
秘密関係代数演算システム、秘密計算装置、秘密関係代数演算方法、およびプログラム Download PDFInfo
- Publication number
- WO2022153383A1 WO2022153383A1 PCT/JP2021/000793 JP2021000793W WO2022153383A1 WO 2022153383 A1 WO2022153383 A1 WO 2022153383A1 JP 2021000793 W JP2021000793 W JP 2021000793W WO 2022153383 A1 WO2022153383 A1 WO 2022153383A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- relational algebra
- secret
- calculation
- unit
- relational
- Prior art date
Links
- 238000000034 method Methods 0.000 title claims description 29
- 238000000605 extraction Methods 0.000 claims abstract description 17
- 239000000203 mixture Substances 0.000 claims abstract description 12
- 238000004364 calculation method Methods 0.000 claims description 81
- 238000012545 processing Methods 0.000 claims description 26
- 239000000284 extract Substances 0.000 claims description 5
- 230000015572 biosynthetic process Effects 0.000 claims description 3
- 238000010276 construction Methods 0.000 claims description 3
- 238000003786 synthesis reaction Methods 0.000 claims description 3
- 230000008569 process Effects 0.000 description 9
- 230000009467 reduction Effects 0.000 description 9
- 238000004891 communication Methods 0.000 description 6
- 238000004422 calculation algorithm Methods 0.000 description 5
- 230000006870 function Effects 0.000 description 5
- 238000010586 diagram Methods 0.000 description 4
- 238000003491 array Methods 0.000 description 2
- 239000002131 composite material Substances 0.000 description 2
- 238000007405 data analysis Methods 0.000 description 2
- 238000006243 chemical reaction Methods 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 230000010365 information processing Effects 0.000 description 1
- 238000010801 machine learning Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000007781 pre-processing Methods 0.000 description 1
- 230000004044 response Effects 0.000 description 1
- 238000007619 statistical method Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/10—Complex mathematical operations
- G06F17/17—Function evaluation by approximation methods, e.g. inter- or extrapolation, smoothing, least mean square method
-
- G—PHYSICS
- G09—EDUCATION; CRYPTOGRAPHY; DISPLAY; ADVERTISING; SEALS
- G09C—CIPHERING OR DECIPHERING APPARATUS FOR CRYPTOGRAPHIC OR OTHER PURPOSES INVOLVING THE NEED FOR SECRECY
- G09C1/00—Apparatus or methods whereby a given sequence of signs, e.g. an intelligible text, is transformed into an unintelligible sequence of signs by transposing the signs or groups of signs or by replacing them by others according to a predetermined system
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6227—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database where protection concerns the structure of data, e.g. records, types, queries
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/008—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving homomorphic encryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/085—Secret sharing or secret splitting, e.g. threshold schemes
Definitions
- the present invention relates to a secret calculation technique, and particularly to a technique for secretly calculating relational algebra operations.
- a database management system (DBMS: Database Management System) is a system for accumulating a large amount of data and processing it efficiently, and is an important basis used for data analysis and its preprocessing.
- DBMS Database Management System
- integrated data analysis which is considered to be a promising application for secret computing, not only analytical parts such as statistical analysis and machine learning, but also a database management system that manages integrated data is required as a subsystem. ..
- the object of the present invention is a database management system called a relational database management system (RDBMS).
- RDBMS relational database management system
- a relational database management system is a database management system that handles tabular data, and data can be searched and changed according to queries from users. Queries are represented by a query language based on relational algebra.
- a typical such query language is a structured query language (SQL: Structured Query Language).
- Non-Patent Document 1 Examples of studies reporting the implementation of a database management system using secret calculation include Non-Patent Document 1 and Non-Patent Document 2.
- Database processing in a relational database management system can be regarded as a repetition of synthesis of relational algebra operations.
- g (f ( ⁇ )) When considering g (f ( ⁇ )), one way to construct g (f ( ⁇ )) by secret calculation is to complete the relational algebras f and g, respectively. It is conceivable to replace it with the protocols f sec and g sec that are concealed in, and configure it as g sec (f sec ([ ⁇ ]).
- [ ⁇ ] indicates that the value ⁇ is encrypted. show.
- An object of the present invention is to reduce the calculation cost for secretly calculating the composition of relational algebra operations in view of the above technical problems.
- the secret relation algebra calculation system of the first aspect of the present invention includes a plurality of secret calculation devices and secretly calculates the synthesis of relational algebra operations on the input table to be calculated. It is a secret relation algebra calculation system, and each secret calculation device is an intermediate between a relation algebra calculation unit that secretly calculates a relation algebra operation on an input table or an intermediate table and an intermediate that extracts a valid row from the operation result of the relation algebra calculation. Includes a valid row extractor that generates a table.
- the secret calculation device of the second aspect of the present invention is a secret calculation device that secretly calculates the composition of the relational algebra operation on the input table to be calculated, and secretly secrets the relational algebra operation on the input table or the intermediate table. It includes a relational algebra calculation unit for calculation and a valid row extraction unit for generating an intermediate table in which valid rows are extracted from the calculation result of the relational algebra operation.
- FIG. 1 is a diagram illustrating a functional configuration of a secret relational algebra arithmetic system.
- FIG. 2 is a diagram illustrating the functional configuration of the secret calculation device.
- FIG. 3 is a diagram illustrating a processing procedure of the secret relational algebra calculation method.
- FIG. 4 is a diagram illustrating a functional configuration of a computer.
- Confidential calculation is a general term for techniques that perform predetermined calculations while keeping data secret.
- a method based on secret sharing can be mentioned.
- Secret sharing is an encryption method that divides data into a plurality of values and distributes them to a plurality of parties.
- the secret sharing that can be used for secret calculation includes (k, n) threshold secret sharing.
- (k, n) Threshold secret sharing is the restoration of the original data by dividing the data into n random values (called "shares") and collecting k or more shares, less than k. It is a secret sharing method that has the property that the information of the original data cannot be obtained from the share.
- Known (k, n) threshold secret shares include Shamir secret share (see Reference 1) and duplicate secret share (see References 2 and 3).
- Random permutation is a protocol that shuffles a one-dimensional array (vector) with random permutation ⁇ . Random permutation can also be applied to two-dimensional arrays (tables).
- the operation of shuffling the table [X] in which the two-dimensional array X is concealed by the permutation ⁇ is described as ⁇ [X] ⁇ RANDPERM ([X]). In this case, it means that each column of the two-dimensional array X is replaced by the same random permutation ⁇ .
- Reference 4 is known as a method for realizing the concealed random permutation algorithm. Further, Reference 4 is an algorithm based on the secret sharing method, but as a self-evident method that does not presuppose the secret sharing method, there is, for example, random permutation using a logic circuit including a random number.
- ⁇ Restore> It is an operation to restore the secretly distributed value (or vector) [x] and obtain the original value (or vector) x.
- this operation is described as x ⁇ REVEAL ([x]).
- the secret relational algebra operation system of the embodiment is an information processing that executes a secret relational algebra operation protocol that secretly calculates a composite g (f ( ⁇ )) of relational algebra operations f and g under a condition of concealing other than the number of rows. It is a system.
- the secret relational algebra operation protocol is a general-purpose protocol that does not depend on the relational algebra operations f and g.
- a line reduction protocol ⁇ that leaves only valid lines is inserted between the relational algebra operations f and g, and g sec ( ⁇ (f sec ([R]))) is used.
- R ⁇ ⁇ where ⁇ represents the class of the record set.
- Arbitrary operations f and g in relational algebra operations are expressed as a map of f, g: ⁇ ⁇ ⁇ . Therefore, if the line reduction protocol ⁇ on [ ⁇ ] that conceals the element of ⁇ can be designed well, the line reduction protocol related to the composition of arbitrary f and g can be unifiedly realized by one algorithm ⁇ .
- the following line reduction protocol can be mentioned as a method for realizing such an algorithm ⁇ .
- This row reduction protocol first randomly replaces a concatenation of a flag column indicating a row to be selected and a table, and then publishes (restores) only the replaced flag column. Then, only the rows of the table randomly replaced based on the published flags whose flags are true are left.
- the flag column selects a valid row from the output of the relational algebra operation f, based on the safety of the secret random permutation algorithm, it is possible to leave only the valid row without revealing anything other than the number of rows. can.
- the secret relational algebra calculation system 100 of the embodiment includes N ( ⁇ 1) secret calculation devices 1 1 , ..., 1 N. When composed of multiple secret computing devices (N ⁇ 2), processing may be performed in cooperation.
- the secret computing devices 1 1 , ..., 1 N are connected to the communication network 9, respectively.
- the communication network 9 is a circuit-switched or packet-switched communication network configured so that each connected device can communicate with each other.
- the Internet LAN (Local Area Network), WAN (Wide Area Network). Etc. can be used. It should be noted that each device does not necessarily have to be able to communicate online via the communication network 9.
- the secret relational algebra unit 1 i included in the secret relational algebra calculation system 100 is, for example, as shown in FIG. 2, an input unit 11, a first relational algebra calculation unit 12, a valid row extraction unit 13, and a second relational algebra calculation unit 14. , And an output unit 15.
- the effective row extraction unit 13 includes, for example, a random replacement unit 131, a flag restoration unit 132, and an intermediate table construction unit 133.
- the secret computing device 1 i is configured by loading a special program into, for example, a publicly known or dedicated computer having a central processing unit (CPU), a main storage device (RAM: Random Access Memory), and the like. It is a special device.
- the secret calculation device 1 i executes each process under the control of the central processing unit, for example.
- the data input to the secret computing device 1i and the data obtained in each process are stored in, for example, the main storage device, and the data stored in the main storage device is read out to the central processing unit as needed. It is used for other processing.
- At least a part of each processing unit of the secret computing device 1i may be configured by hardware such as an integrated circuit.
- step S11 the ciphertext [R] that encrypts the table R ⁇ ⁇ to be calculated is input to the input unit 11 of each secret computing device 1 i .
- Table R is a table with n rows and m columns.
- the input unit 11 outputs the input ciphertext [R] of the table R to the first relational algebra calculation unit 12.
- the first relational algebra calculation unit 12 of each secret calculation device 1i receives the cipher statement [R] of Table R from the input unit 11 and calculates the protocol f sec for secretly calculating the relational algebra calculation f. That is, it calculates f sec ([R]).
- f sec outputs the ciphertext [X] which becomes the table X of n rows and m columns when restored, and the ciphertext [e] which becomes the vector e of length n when restored.
- Table X is the operation result of the relational algebra operation f for Table R. In Table X, one or more dummy rows are inserted to conceal the number of rows.
- the vector e is a flag column in which 1 is stored at a position corresponding to a valid row in Table X and 0 is stored at a position other than that (that is, a dummy row).
- the flag column e may be generated, for example, when f sec inserts a dummy row.
- the first relational algebra operation unit 12 outputs the ciphertext [X] in the table X and the ciphertext [e] in the flag column e to the valid row extraction unit 13.
- step S13 the effective row extraction unit 13 of each secret computing device 1i receives the ciphertext [X] of the table X and the ciphertext [e] of the flag column e from the first relational algebra arithmetic unit 12, and restores the intermediate. Generate the ciphertext [X'] that is the table X'. Intermediate table X'is a table with valid rows extracted from table X according to flag column e. The effective row extraction unit 13 outputs the ciphertext [X'] of the intermediate table X'to the second relational algebra calculation unit 14.
- the effective row extraction unit 13 executes the following steps S131 to S133 for implementing the above row reduction protocol ⁇ .
- step S131 the random permutation unit 131 replaces the table in which the ciphertext [X] in the table X and the ciphertext [e] in the flag sequence e are concatenated according to the random permutation ⁇ . That is, ⁇ ([X])
- step S132 the flag restoration unit 132 restores the flag sequence ⁇ [e] after random replacement. That is, ⁇ (e) ⁇ REVEAL ( ⁇ ([e])) is executed.
- step S14 the second relational algebra calculation unit 14 of each secret calculation device 1i receives the cipher [X'] of the intermediate table X'from the valid row extraction unit 13 and secretly calculates the relational algebra g. Calculate sec . That is, g sec ([X']) is calculated. g sec outputs the ciphertext [R'] which becomes table R'in n'rows and m columns when restored.
- Table R' is the operation result of the relational algebra operation g for the intermediate table X', and is the operation result of the composition of the relational algebra operations f and g for the input table R.
- Table R' may have one or more dummy rows inserted to conceal the number of rows. Also, all rows in table R'are valid rows and dummy rows may not be inserted.
- the second relational algebra arithmetic unit 14 outputs the ciphertext [R'] of the table R'to the output unit 15.
- step S15 the output unit 15 of each secret relational algebra unit 1 i receives the cipher statement [R'] of the table R'from the second relational algebra calculation unit 14, and sets it as the output of the secret relational algebra calculation system 100.
- the secret relational algebra operation system 100 of the embodiment is configured to calculate the composite g (f ( ⁇ )) of the relational algebra operations f and g once, but realizes an arbitrary query by repeating the synthesis of the relational algebra operations. It is also possible.
- the second relational algebra operation unit 14 outputs the ciphertext [e] of the flag column e indicating the valid rows of the table R'to the valid row extraction unit 13 together with the ciphertext [R'] of the table R'. do.
- the processes of the valid row extraction unit 13 and the second relational algebra calculation unit 14 are repeatedly executed until the desired query is completed.
- the second relational algebra arithmetic unit 14 outputs the ciphertext [R'] of the table R'at that time to the output unit 15.
- the program that describes this processing content can be recorded on a computer-readable recording medium.
- the computer-readable recording medium is, for example, a non-temporary recording medium, such as a magnetic recording device or an optical disk.
- the distribution of this program is carried out, for example, by selling, transferring, or renting a portable recording medium such as a DVD or CD-ROM on which the program is recorded.
- the program may be stored in the storage device of the server computer, and the program may be distributed by transferring the program from the server computer to another computer via a network.
- a computer that executes such a program first transfers the program recorded on the portable recording medium or the program transferred from the server computer to the auxiliary recording unit 1050, which is its own non-temporary storage device. Store. Then, at the time of executing the process, the computer reads the program stored in the auxiliary recording unit 1050, which is its own non-temporary storage device, into the storage unit 1020, which is the temporary storage device, and follows the read program. Execute the process. Further, as another execution form of this program, a computer may read the program directly from a portable recording medium and execute processing according to the program, and further, the program is transferred from the server computer to this computer. It is also possible to execute the process according to the received program one by one each time.
- ASP Application Service Provider
- the program in this embodiment includes information to be used for processing by a computer and equivalent to the program (data that is not a direct command to the computer but has a property of defining the processing of the computer, etc.).
- the present device is configured by executing a predetermined program on the computer, but at least a part of these processing contents may be realized by hardware.
Landscapes
- Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computational Mathematics (AREA)
- Mathematical Physics (AREA)
- Data Mining & Analysis (AREA)
- Pure & Applied Mathematics (AREA)
- Mathematical Optimization (AREA)
- Mathematical Analysis (AREA)
- Software Systems (AREA)
- Databases & Information Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Algebra (AREA)
- General Health & Medical Sciences (AREA)
- Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Bioethics (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
- Storage Device Security (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
Description
本明細書における記法を説明する。ベクトルをアルファベットの小文字(例えば、x)で記述する。ベクトルxのi番目の要素はxiで表す。σ(x)はベクトルxを置換σにより置換したベクトルを表す。二次元配列(表)はアルファベットの大文字(例えば、X)で記述する。値xを暗号化した値を[x]と記述する。また、ベクトルxの各要素が暗号化されたベクトルも[x]と記述する。表Xの各要素が暗号化された表は[X]と記述する。
以下、本明細書で用いる用語の定義を説明する。
秘密計算とは、データを秘匿したまま所定の計算を行う技術の総称である。具体的な実現方法としては例えば秘密分散に基づく方法が挙げられる。秘密分散とは、データを複数の値に分割して複数のパーティに分散する暗号化手法である。秘密計算に用いることができる秘密分散としては、(k, n)閾値秘密分散が挙げられる。(k, n)閾値秘密分散とは、データをn個のランダムな値(「シェア」と呼ばれる)に分割して、k個以上のシェアを集めると元のデータを復元でき、k個未満のシェアからは元データの情報を得られない性質を持つ秘密分散法である。公知の(k, n)閾値秘密分散には、シャミア秘密分散(参考文献1参照)や複製秘密分散(参考文献2,3参照)がある。
〔参考文献2〕Mitsuru Ito, Akira Saito, and Takao Nishizeki, "Secret sharing scheme realizing general access structure", Electronics and Communications in Japan (Part III: Fundamental Electronic Science), Vol. 72, No. 9, pp. 56-64, 1989.
〔参考文献3〕Ronald Cramer, Ivan Damgard, and Yuval Ishai, "Share conversion, pseudorandom secret-sharing and applications to secure computation", Theory of Cryptography Conference, pp. 342-362. Springer, 2005.
ランダム置換とは、一次元配列(ベクトル)をランダムな置換σでシャッフルするプロトコルである。ランダム置換は二次元配列(表)に対しても適用することができる。本明細書では、二次元配列Xが秘匿された表[X]を置換σでシャッフルする演算を、σ[X]←RANDPERM([X])と記述する。この場合、二次元配列Xの各列が同じランダム置換σにより置換されていることを表す。
秘密分散された値(またはベクトル)[x]を復元し、元の値(またはベクトル)xを得る操作である。本明細書では、この演算を、x←REVEAL([x])と記述する。
実施形態の秘密関係代数演算システムは、関係代数演算f, gの合成g(f(・))を、行数以外は秘匿する条件の下で秘密計算する秘密関係代数演算プロトコルを実行する情報処理システムである。ここで、秘密関係代数演算プロトコルは、関係代数演算f, gによらない汎用的なプロトコルとする。
Protocol 1: 行削減プロトコルφ
---------------------------------------------------------------------
Input: [X], [e](ただし、Xは行数n、列数mの表、eは選択する行に対応する位置に1、そうでない位置に0が格納された長さnのフラグ列)
Output: [X'](ただし、X'は行数n'(<n)、列数mの表)
1: σ([X])||σ([e])←RANDPERM([X]||[e])
2: σ(e)←REVEAL(σ([e]))
3: σ(ei)=1であるようなn'個のレコードσ([X]i)のみを選択した[X']を構築する。
4: return [X']
=====================================================================
実施形態の秘密関係代数演算システム100は、関係代数演算f, gの合成g(f(・))を1回計算する構成としたが、関係代数演算の合成の繰り返しにより任意のクエリを実現することも可能である。この場合、第二関係代数演算部14は、表R'の暗号文[R']と共に表R'の有効な行を示すフラグ列eの暗号文[e]を、有効行抽出部13へ出力する。その後、有効行抽出部13と第二関係代数演算部14の処理を、所望のクエリが完了するまで繰り返し実行する。そして、所望のクエリが完了した際に、第二関係代数演算部14は、その時点の表R'の暗号文[R']を出力部15へ出力する。
先行の関係代数演算から後続の関係代数演算に入力される演算結果を有効な行のみとすると行数の情報は秘匿できない。しかしながら、関係代数演算の演算結果の行数は統計値とみなせるため、漏洩するプライバシーの影響は小さいと考えられる。一方で、入力する行数が少なくなることで、後続の関係代数演算の性能は大幅に向上することが期待される。例えば、関係代数演算の1000万行の出力のうち1行のみが有効であっても、行数をも秘匿する場合その定義上1000万行のデータが後続の関係代数演算の入力となることは避けられない。一方、本発明の構成によれば1行のみが後続の関係代数演算の入力となり、1/1000万に入力行数を削減できる。実際に、上記の行削減プロトコルφを3パーティのマルチパーティー計算システムで実行した結果、削減できる実行時間と比較してオーバーヘッドは十分に小さく、実行時間の削減に有効であることが確認されている。
上記実施形態で説明した各装置における各種の処理機能をコンピュータによって実現する場合、各装置が有すべき機能の処理内容はプログラムによって記述される。そして、このプログラムを図4に示すコンピュータの記憶部1020に読み込ませ、演算処理部1010、入力部1030、出力部1040などに動作させることにより、上記各装置における各種の処理機能がコンピュータ上で実現される。
Claims (7)
- 複数台の秘密計算装置を含み、演算対象の入力表に対して関係代数演算の合成を秘密計算する秘密関係代数演算システムであって、
各秘密計算装置は、
前記入力表または中間表に対して前記関係代数演算を秘密計算する関係代数演算部と、
前記関係代数演算の演算結果から有効な行を抽出した前記中間表を生成する有効行抽出部と、
を含む秘密関係代数演算システム。 - 請求項1に記載の秘密関係代数演算システムであって、
前記秘密関係代数演算システムは、前記入力表に対して関係代数演算の合成の繰り返しにより任意のクエリを秘密計算するものであり、
前記関係代数演算部と前記有効行抽出部の処理を、前記任意のクエリが完了するまで繰り返し実行する、
秘密関係代数演算システム。 - 請求項2に記載の秘密関係代数演算システムであって、
前記関係代数演算部は、前記関係代数演算の演算結果と共に、その演算結果中の有効な行を示すフラグ列を出力するものであり、
前記有効行抽出部は、
前記演算結果と前記フラグ列とを連結した表に対してランダム置換を秘密計算するランダム置換部と、
ランダム置換後の前記フラグ列を復元するフラグ復元部と、
ランダム置換後の前記演算結果から復元後の前記フラグ列に従って有効な行を抽出することで前記中間表を構築する中間表構築部と、
を含む秘密関係代数演算システム。 - 演算対象の入力表に対して関係代数演算の合成を秘密計算する秘密計算装置であって、
前記入力表または中間表に対して前記関係代数演算を秘密計算する関係代数演算部と、
前記関係代数演算の演算結果から有効な行を抽出した前記中間表を生成する有効行抽出部と、
を含む秘密計算装置。 - 複数台の秘密計算装置を含む秘密関係代数演算システムが実行する、演算対象の入力表に対して関係代数演算の合成を秘密計算する秘密関係代数演算方法であって、
各秘密計算装置の関係代数演算部が、前記入力表または中間表に対して前記関係代数演算を秘密計算し、
各秘密計算装置の有効行抽出部が、前記関係代数演算の演算結果から有効な行を抽出した中間表を生成する、
秘密関係代数演算方法。 - 1台の秘密計算装置が実行する、演算対象の入力表に対して関係代数演算の合成を秘密計算する秘密関係代数演算方法であって、
前記秘密計算装置の関係代数演算部が、前記入力表または中間表に対して前記関係代数演算を秘密計算し、
前記秘密計算装置の有効行抽出部が、前記関係代数演算の演算結果から有効な行を抽出した中間表を生成する、
秘密関係代数演算方法。 - 請求項5または6に記載の秘密関係代数演算方法の各ステップをコンピュータに実行させるためのプログラム。
Priority Applications (6)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US18/271,238 US20240061904A1 (en) | 2021-01-13 | 2021-01-13 | Secure relational algebraic operation system, secure computation apparatus, secure relational algebraic operation method, and program |
JP2022574900A JP7552734B2 (ja) | 2021-01-13 | 2021-01-13 | 秘密関係代数演算システム、秘密計算装置、秘密関係代数演算方法、およびプログラム |
CN202180090008.XA CN116686029A (zh) | 2021-01-13 | 2021-01-13 | 秘密关系代数运算系统、秘密计算装置、秘密关系代数运算方法及程序 |
AU2021418342A AU2021418342A1 (en) | 2021-01-13 | 2021-01-13 | Secure relational algebraic operation system, secure computation apparatus, secure relational algebraic operation method, and program |
PCT/JP2021/000793 WO2022153383A1 (ja) | 2021-01-13 | 2021-01-13 | 秘密関係代数演算システム、秘密計算装置、秘密関係代数演算方法、およびプログラム |
EP21919279.6A EP4250274A4 (en) | 2021-01-13 | 2021-01-13 | SECURE RELATIONAL ALGEBRA OPERATION SYSTEM, SECURE CALCULATION DEVICE, SECURE RELATIONAL ALGEBRA OPERATION METHOD, AND PROGRAM |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/JP2021/000793 WO2022153383A1 (ja) | 2021-01-13 | 2021-01-13 | 秘密関係代数演算システム、秘密計算装置、秘密関係代数演算方法、およびプログラム |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2022153383A1 true WO2022153383A1 (ja) | 2022-07-21 |
Family
ID=82446971
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/JP2021/000793 WO2022153383A1 (ja) | 2021-01-13 | 2021-01-13 | 秘密関係代数演算システム、秘密計算装置、秘密関係代数演算方法、およびプログラム |
Country Status (6)
Country | Link |
---|---|
US (1) | US20240061904A1 (ja) |
EP (1) | EP4250274A4 (ja) |
JP (1) | JP7552734B2 (ja) |
CN (1) | CN116686029A (ja) |
AU (1) | AU2021418342A1 (ja) |
WO (1) | WO2022153383A1 (ja) |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20200242234A1 (en) * | 2019-01-28 | 2020-07-30 | Nec Corporation Of America | Secure multiparty computation of shuffle, sort, and set operations |
-
2021
- 2021-01-13 AU AU2021418342A patent/AU2021418342A1/en active Pending
- 2021-01-13 CN CN202180090008.XA patent/CN116686029A/zh active Pending
- 2021-01-13 JP JP2022574900A patent/JP7552734B2/ja active Active
- 2021-01-13 EP EP21919279.6A patent/EP4250274A4/en active Pending
- 2021-01-13 US US18/271,238 patent/US20240061904A1/en active Pending
- 2021-01-13 WO PCT/JP2021/000793 patent/WO2022153383A1/ja active Application Filing
Patent Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20200242234A1 (en) * | 2019-01-28 | 2020-07-30 | Nec Corporation Of America | Secure multiparty computation of shuffle, sort, and set operations |
Non-Patent Citations (10)
Title |
---|
"Database and Knowledge Discovery", 10 October 2013, CORONASHA CO., LTD., JP, ISBN: 978-4-339-02472-2, article KITAKAMI, HAJIME: "4.2.2. Relational Algebra Expressions, with Examples", pages: 53 - 55, XP009548449 * |
ADI SHAMIR: "How to share a secret", COMMUNICATIONS OF THE ACM, vol. 22, no. 11, 1979, pages 612 - 613, XP000565227, DOI: 10.1145/359168.359176 |
DAI IKARASHIKOKI HAMADARYO KIKUCHIKOJI CHIDA: "Improvement of cardinal number sorting in secure computation aiming at statistical processing of 1 second response in Internet environment", SCIS2014, 2014, pages 1 - 8 |
IGARASHI, DAI; HAMADA, KOKI; KIKUCHI, RYO: "We have not realized the most important thing - Designs and implementations of secure outer-join protocols", PROCEEDINGS OF COMPUTER SECURITY SYMPOSIUM 2018 (CSS2018), 15 October 2018 (2018-10-15), JP , pages 1221 - 1228, XP009525699 * |
KOKI HAMADA, RYO KIKUCHI, DAI IKARASHI, KOJI CHIDA: "2C2-2: Table-size-hiding Equijoin on Secure Function Evaluation", PROCEEDINGS OF THE 2013 SYMPOSIUM ON CRYPTOGRAPHY AND INFORMATION SECURITY; JANUARY 22-25, 2013, 22 January 2013 (2013-01-22), JP, pages 1 - 6, XP009546463 * |
MITSURU ITOAKIRA SAITOTAKAO NISHIZEKI: "Secret sharing scheme realizing general access structure", ELECTRONICS AND COMMUNICATIONS IN JAPAN, vol. 72, no. 9, 1989, pages 56 - 64 |
NAOTO KIRIBUCHIDAI IKARASHI: "Design of a Database System Processable Under Keeping Data Confidentiality", CSS2015, 2015, pages 419 - 426, XP055499894 |
RONALD CRAMERIVAN DAMGARDYUVAL ISHAI: "Theory of Cryptography Conference", 2005, SPRINGER, article "Share conversion, pseudorandom secret-sharing and applications to secure computation", pages: 342 - 362 |
See also references of EP4250274A4 |
YUSUKE ISHIDAATSUSHI KUNIIJUNICHI OKETANISATSUYA OHATATAKAHIRO MATSUDANUTTAPONG ATTRAPADUNGGOICHIRO HANAOKA: "Query Ahead: Design and implementation of a secure DB query system capable of easy description", SCIS2020, 2020, pages 1 - 8 |
Also Published As
Publication number | Publication date |
---|---|
US20240061904A1 (en) | 2024-02-22 |
CN116686029A (zh) | 2023-09-01 |
AU2021418342A1 (en) | 2023-07-20 |
EP4250274A4 (en) | 2024-09-04 |
JP7552734B2 (ja) | 2024-09-18 |
EP4250274A1 (en) | 2023-09-27 |
JPWO2022153383A1 (ja) | 2022-07-21 |
AU2021418342A9 (en) | 2024-05-02 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP2901359B1 (en) | Secure private database querying with content hiding bloom filters | |
JP6989006B2 (ja) | 秘密集約関数計算システム、秘密計算装置、秘密集約関数計算方法、およびプログラム | |
JP6973633B2 (ja) | 秘密集約最大値システム、秘密集約最小値システム、秘密計算装置、秘密集約最大値方法、秘密集約最小値方法、およびプログラム | |
JP5872085B1 (ja) | 分散値変換システム、分散値変換装置、分散値変換方法、およびプログラム | |
JPWO2019208484A1 (ja) | 秘密集約総和システム、秘密計算装置、秘密集約総和方法、およびプログラム | |
CN112000632B (zh) | 密文的分享方法、介质、分享客户端及系统 | |
JP6605746B2 (ja) | 秘密等結合システム、秘密等結合装置、秘密等結合方法、プログラム | |
JP7327517B2 (ja) | 秘匿ハッシュテーブル構築システム、参照システム、およびそれらの方法 | |
WO2021124520A1 (ja) | 秘密乱数生成システム、秘密計算装置、秘密乱数生成方法、およびプログラム | |
WO2022153383A1 (ja) | 秘密関係代数演算システム、秘密計算装置、秘密関係代数演算方法、およびプログラム | |
WO2019221108A1 (ja) | 秘密クロス集計システム、秘密計算装置、秘密クロス集計方法、およびプログラム | |
Muthukumar et al. | Modified secret sharing algorithm for secured medical data sharing in cloud environment | |
EP3246900B1 (en) | Matrix and key generation device, matrix and key generation system, matrix coupling device, matrix and key generation method, and program | |
EP3754894B1 (en) | Encrypted data comparison device, encrypted data comparison system, and encrypted data comparison method | |
WO2022259366A1 (ja) | 秘密計算装置、秘密計算システム、秘密計算方法、およびプログラム | |
EP3813042B1 (en) | Secret combination system, method, secret calculation device, and program | |
WO2024018504A1 (ja) | クライアント装置、秘密テーブル管理システム、レコード登録要求生成方法、レコード登録方法、処理要求実行方法、プログラム | |
WO2023276142A1 (ja) | 秘密等結合装置、秘密等結合方法、およびプログラム | |
WO2022254691A1 (ja) | 秘密計算装置、秘密計算システム、秘密計算方法、およびプログラム | |
US11886617B1 (en) | Protecting membership and data in a secure multi-party computation and/or communication | |
US11989325B1 (en) | Protecting membership in a secure multi-party computation and/or communication | |
Mogarala et al. | Proficient hamming weight based RSA-MD5 security for data storage in multi cloud environment | |
WO2020036127A1 (ja) | 秘密結合情報生成システム、秘密結合システム、これらの方法、秘密計算装置及びプログラム | |
Swathy et al. | Review on k-nearest neighbor classification over semantically secure encrypted relational data | |
CN117581227A (zh) | 秘密计算系统、装置、方法以及程序 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 21919279 Country of ref document: EP Kind code of ref document: A1 |
|
ENP | Entry into the national phase |
Ref document number: 2022574900 Country of ref document: JP Kind code of ref document: A |
|
ENP | Entry into the national phase |
Ref document number: 2021919279 Country of ref document: EP Effective date: 20230619 |
|
WWE | Wipo information: entry into national phase |
Ref document number: 18271238 Country of ref document: US |
|
WWE | Wipo information: entry into national phase |
Ref document number: 202180090008.X Country of ref document: CN |
|
ENP | Entry into the national phase |
Ref document number: 2021418342 Country of ref document: AU Date of ref document: 20210113 Kind code of ref document: A |
|
NENP | Non-entry into the national phase |
Ref country code: DE |