WO2023281693A1 - 秘密計算システム、装置、方法及びプログラム - Google Patents

秘密計算システム、装置、方法及びプログラム Download PDF

Info

Publication number
WO2023281693A1
WO2023281693A1 PCT/JP2021/025769 JP2021025769W WO2023281693A1 WO 2023281693 A1 WO2023281693 A1 WO 2023281693A1 JP 2021025769 W JP2021025769 W JP 2021025769W WO 2023281693 A1 WO2023281693 A1 WO 2023281693A1
Authority
WO
WIPO (PCT)
Prior art keywords
ciphertext
vector
secure computing
calculation units
generate
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/JP2021/025769
Other languages
English (en)
French (fr)
Japanese (ja)
Inventor
亮 菊池
大 五十嵐
弘貴 須藤
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
NTT Inc
Original Assignee
Nippon Telegraph and Telephone Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nippon Telegraph and Telephone Corp filed Critical Nippon Telegraph and Telephone Corp
Priority to US18/574,762 priority Critical patent/US12412487B2/en
Priority to CN202180100254.9A priority patent/CN117581227A/zh
Priority to PCT/JP2021/025769 priority patent/WO2023281693A1/ja
Priority to EP21949326.9A priority patent/EP4350561A4/en
Priority to JP2023532977A priority patent/JP7582477B2/ja
Publication of WO2023281693A1 publication Critical patent/WO2023281693A1/ja
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/72Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in cryptographic circuits
    • GPHYSICS
    • G09EDUCATION; CRYPTOGRAPHY; DISPLAY; ADVERTISING; SEALS
    • G09CCIPHERING OR DECIPHERING APPARATUS FOR CRYPTOGRAPHIC OR OTHER PURPOSES INVOLVING THE NEED FOR SECRECY
    • G09C5/00Ciphering apparatus or methods not provided for in the preceding groups, e.g. involving the concealment or deformation of graphic data such as designs, written or printed messages
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F17/00Digital computing or data processing equipment or methods, specially adapted for specific functions
    • G06F17/10Complex mathematical operations
    • G06F17/16Matrix or vector computation, e.g. matrix-matrix or matrix-vector multiplication, matrix factorization
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G09EDUCATION; CRYPTOGRAPHY; DISPLAY; ADVERTISING; SEALS
    • G09CCIPHERING OR DECIPHERING APPARATUS FOR CRYPTOGRAPHIC OR OTHER PURPOSES INVOLVING THE NEED FOR SECRECY
    • G09C1/00Apparatus or methods whereby a given sequence of signs, e.g. an intelligible text, is transformed into an unintelligible sequence of signs by transposing the signs or groups of signs or by replacing them by others according to a predetermined system
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/008Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving homomorphic encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/085Secret sharing or secret splitting, e.g. threshold schemes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/46Secure multiparty computation, e.g. millionaire problem

Definitions

  • the present invention relates to technology for performing database operations while keeping data confidential.
  • the group by operation which is a type of DB processing, is a grouping process that takes a table as input, groups it by the value of the specified column, and in some cases calculates statistical values for each group and outputs them in table format. is.
  • Non-Patent Document 1 proposes a method of performing group by operations while they are encrypted.
  • the input/output considered here was a table obtained by encrypting each element of a normal table.
  • the input/output may be given a flag indicating whether or not a certain record is the original output.
  • FIG. 7(b) shows an example of an encrypted table in Non-Patent Document 1
  • FIG. 7(c) shows an example of a table with added flags.
  • Non-Patent Document 1 does not work when a table to which the flags illustrated in FIG. 7(c) are added is input. This is because, in addition to the fact that the input format is different, until now all records were assumed to have meaningful values, so for example, it was not possible to skip unused records and perform processing. , the value of "?” which should be ignored affects the final result, and the original result cannot be obtained.
  • An object of the present invention is to provide a secure computing system, device, method, and program for performing group by count calculations on tables to which flags have been added.
  • ciphertext [f ⁇ ] of the vector f ⁇ and the ciphertext [k ⁇ ] of the vector k ⁇ to convert the vector f
  • FIG. 1 is a diagram showing an example of the functional configuration of a secure computing system.
  • FIG. 2 is a diagram illustrating an example of a functional configuration of a secure computing device;
  • FIG. 3 is a diagram showing an example of an algorithm.
  • FIG. 4 is a diagram showing an example of an algorithm.
  • FIG. 5 is a diagram for explaining an example of input and an example of output.
  • FIG. 6 is a diagram showing an example of a processing procedure of a secure calculation method.
  • FIG. 7 is a diagram for explaining the background art.
  • FIG. 8 is a diagram showing a functional configuration example of a computer.
  • encryption is performed by a method such as secret sharing (for example, Reference 1) or homomorphic encryption (for example, Reference 2), which allows the following calculations to be performed while encrypted.
  • a method such as secret sharing (for example, Reference 1) or homomorphic encryption (for example, Reference 2), which allows the following calculations to be performed while encrypted.
  • the - in the ciphertext [•] is a bit value
  • the ciphertext [•] may be written as the ciphertext [[•]].
  • the notation ⁇ > is sometimes used for substitution.
  • is any value, vector.
  • Different encryption may be used for stored values. That is, these encryptions may or may not all be the same.
  • [x' ⁇ ] ([x 1 '],...,[x n ']).
  • priority is given to the original order of x ⁇ .
  • stable sort consists of two algorithms (GENPERM, SORT).
  • GENPERM is a function that outputs an encrypted version of the permutation ⁇ that permutes x ⁇ .
  • GENPERM is written as ⁇ > ⁇ GENPERM([x ⁇ ]).
  • SORT is a function that applies ⁇ to x ⁇ and calculates the rearranged result x′ ⁇ while keeping it encrypted.
  • SORT is described, for example, as [x ⁇ '] ⁇ SORT( ⁇ >,[x ⁇ ]).
  • SORT is e.g. ([x' ⁇ ],[y' ⁇ ]) ⁇ SORT( ⁇ >,([x ⁇ ],[y ⁇ ])).
  • a self-explanatory way to configure SORT is to use a sorting network. Also, if secret sharing is used, SORT can be efficiently performed by the method described in reference 3.
  • IFTHEN can be realized, for example, by Mult([f],[x])+Mult([1-f],[y]).
  • MODCONV is a function that takes an encrypted bit value [[a]] as an input and generates [a] with the same encrypted value but a different ciphertext form.
  • MODCONV is a function that takes a bit-value ciphertext [[a]] as input and generates ciphertext [a], a value representing a as an integer.
  • MODCONV is described, for example, as [a] ⁇ MODCONV([[a]]).
  • BITDECOMP is a function that takes an encrypted integer value [a] as an input and generates [[a]], which is the encrypted value of the same bit representation of a, but with a different ciphertext format.
  • BITDECOMP is a function that takes an integer-valued ciphertext [a] as input and generates a ciphertext [[a]] whose value is the bit representation of a.
  • the number of records in the table to be processed by the secure computing system, device, method and program is m. It is assumed that this table comprises at least a ciphertext [k ⁇ ] of a key vector k ⁇ and a ciphertext [f ⁇ ] of a flag vector f ⁇ . Let the elements of the ciphertext [f ⁇ ] be the bit ciphertext. If no bits are found, convert them to bits using the bit decomposition protocol.
  • FIG. 5(a) exemplifies a table to be processed by the secure computing system, device, method, and program. Since the group by count operation does not use values, only the ciphertext [k ⁇ ] of the key k ⁇ and the ciphertext [f ⁇ ] of the flag f ⁇ are listed in the table illustrated in FIG. 5(a). .
  • a table shown in FIG. 5B is obtained from the table shown in FIG. [k'' ⁇ ] is the ciphertext of the vector k'' ⁇ which rearranges the elements of the key vector k ⁇ .
  • [c ⁇ ] is the ciphertext of the vector c ⁇ consisting of counts.
  • [[e'' ⁇ ]] is the ciphertext of vector e'' ⁇ of flags corresponding to vector k'' ⁇ .
  • the number of keys for [1] in the ciphertext [k'' ⁇ ] is two, and the number of keys for [2] in the ciphertext [k'' ⁇ ] is one.
  • the number of keys in [3] of the ciphertext [k'' ⁇ ] is four.
  • This secure computation system and method perform a so-called group by count operation by secure computation.
  • the secure computing system includes N ( ⁇ 2) secure computing devices 1 1 , . . . , 1 N .
  • each of the secure computing devices 1 1 , . . . , 1 N is connected to the communication network 2 .
  • the communication network 2 is a circuit-switched or packet-switched communication network configured so that connected devices can communicate with each other. and so on. Note that each device does not necessarily need to be able to communicate online via the communication network 2 .
  • the secure computing device 1 n of the secure computing system includes a first computing unit 11 n , a second computing unit 12 n , a third computing unit 13 n , a fourth computing unit 14 n , and a fifth computing unit 14 n . It has a calculation unit 15 n , a sixth calculation unit 16 n , a seventh calculation unit 17 n and an output unit 18 nn .
  • each step is performed by secure calculation. That is, the secure computing device 1 n performs each step without restoring the ciphertext, in other words, without knowing the contents of the ciphertext.
  • the secure computing device 1n is configured by reading a special program into a publicly known or dedicated computer having, for example, a central processing unit (CPU) and a main memory (RAM: Random Access Memory). It is a special device.
  • the secure computing device 1 n executes each process under the control of, for example, a central processing unit. Data input to the secure computing device 1n and data obtained in each process are stored in, for example, a main memory device, and the data stored in the main memory device are read out to the central processing unit as needed. used for other processing.
  • At least a part of each component of the secure computing device 1 n may be configured by hardware such as an integrated circuit.
  • the plurality of first calculation units 11 1 Using the combined vector as a key, generate ciphertext [f' ⁇ ] and ciphertext [k' ⁇ ] of vector f' ⁇ and vector k' ⁇ by sorting vector f ⁇ and vector k ⁇ , respectively (step S1) .
  • the ciphertext [[f' ⁇ ]] is generated as the ciphertext [f' ⁇ ].
  • ciphertext [[k' ⁇ ]] and ciphertext [k' ⁇ ] are generated as ciphertext [k' ⁇ ].
  • GENPERM ([[f * ⁇ ]],[[k ⁇ ]]) uses ciphertext [[f * ⁇ ]] and ciphertext [[k ⁇ ]] to generate vectors f * ⁇ and It means the process of generating ciphertext ⁇ > of permutation ⁇ that stably sorts a vector obtained by connecting vectors k ⁇ element by element.
  • ⁇ Second calculator 12 1 ,..., 12 N > A ciphertext [f' ⁇ ] and a ciphertext [k' ⁇ ] are input to the plurality of second calculation units 12 1 , . . . , 12 N .
  • the plurality of second calculation units 12 1 , . . . , 12 N 5: each 1 ⁇ i ⁇ m-1 do 6: [[e i ]] ⁇ IFTHEN([[f' i ]]:EQ([[k' i ]],[[k' i+1 ]]),[[1]]) 7: [[e' i ]] ⁇ IFTHEN([[f' i ]]XOR[[f' i+1 ]]:[[0]],[[e i ]]) 8: [e' i ] ⁇ MODCONV([[e' i ]]) 9:[[e' m ]] 1-[[f m ]] 10:[e' m ] ⁇ MODCONV([[e' m ]])
  • Step S3 The plurality of third calculation units 13 1 , .
  • a ciphertext [[f' ⁇ ]] is further input to the plurality of third calculation units 13 1 , . . . , 13 N , and the plurality of third calculation units 13 1 , . [[f' ⁇ ]] is further used to generate the ciphertext [m'].
  • the plurality of third calculation units 13 1 , . '] may be generated.
  • the plurality of fourth calculation units 14 1 , . . . , 14 N 13 each 1 ⁇ i ⁇ m do 14: [x i ] ⁇ IFTHEN([e' i ]:[m'],[i])
  • the plurality of fifth calculation units 15 1 , . ciphertext [x' ⁇ ] , ciphertext [ k ' ' ⁇ ] and A ciphertext [e'' ⁇ ] is generated (step S5).
  • the ciphertext [[e' ⁇ ]] is used as the ciphertext [e' ⁇ ].
  • the ciphertext [[e'' ⁇ ]] is generated as the ciphertext [e'' ⁇ ].
  • the plurality of seventh calculation units 17 1 , . ciphertext [e''' ⁇ ] of ⁇ is calculated (step S2).
  • the plurality of seventh calculation units 17 1 , . . . , 17 N 20:[[e''' ⁇ ]] 1-[[e'' ⁇ ]]
  • the ciphertext [[e'' ⁇ ]] is used as the ciphertext [e'' ⁇ ]. Also, in the example of FIG. 3, the ciphertext [[e''' ⁇ ]] is generated as the ciphertext [e''' ⁇ ].
  • the output may be obtained by deleting the element corresponding to the element indicating the dummy record among the elements e i ′′ of the vector e′′ ⁇ .
  • the ciphertext [ k '' ⁇ ], the ciphertext [c ⁇ ], and the ciphertext [e''' ⁇ ] are, for example, those shown in FIG. , 18 N may output only the elements of ciphertext [k'' ⁇ ] and ciphertext [c ⁇ ] corresponding to element [1] of ciphertext [e′′′ ⁇ ].
  • the ciphertext [[e''' ⁇ ]] in FIG. 5(b) corresponds to the ciphertext [e''' ⁇ ]. That is, in this case, the plurality of output units 18 1 , .
  • the secure computing devices 1 1 , . . . , 1 N may perform so-called null processing.
  • This null processing is realized, for example, by the processing on the second line of "14:" in FIG.
  • the plurality of fourth calculation units 14 1 , . . . , 14 N 13 each 1 ⁇ i ⁇ m do 14: [x i ] ⁇ IFTHEN([e' i ]:[m'],[i]) [k'' i ] ⁇ IFTHEN([e' i ]:[null],[k'' i ])
  • the process of As a result for example, a ciphertext [k'' ⁇ ] as shown in FIG. 5(b) is generated.
  • data exchange between components of the secure computing device may be performed directly or may be performed via a storage unit (not shown).
  • a program that describes this process can be recorded on a computer-readable recording medium.
  • a computer-readable recording medium is, for example, a non-temporary recording medium, specifically a magnetic recording device, an optical disc, or the like.
  • this program will be carried out, for example, by selling, transferring, lending, etc. portable recording media such as DVDs and CD-ROMs on which the program is recorded.
  • the program may be distributed by storing the program in the storage device of the server computer and transferring the program from the server computer to other computers via the network.
  • a computer that executes such a program for example, first stores a program recorded on a portable recording medium or a program transferred from a server computer once in the auxiliary recording unit 1050, which is its own non-temporary storage device. Store. When executing the process, this computer reads the program stored in the auxiliary recording section 1050, which is its own non-temporary storage device, into the storage section 1020, and executes the process according to the read program. As another execution form of this program, the computer may read the program directly from the portable recording medium into the storage unit 1020 and execute processing according to the program. It is also possible to execute processing in accordance with the received program each time the is transferred.
  • ASP Application Service Provider
  • the above-mentioned processing is executed by a so-called ASP (Application Service Provider) type service, which does not transfer the program from the server computer to this computer, and realizes the processing function only by its execution instruction and result acquisition.
  • ASP Application Service Provider
  • the program in this embodiment includes information that is used for processing by a computer and that conforms to the program (data that is not a direct instruction to the computer but has the property of prescribing the processing of the computer, etc.).
  • the device is configured by executing a predetermined program on a computer, but at least part of these processing contents may be implemented by hardware.

Landscapes

  • Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Mathematical Physics (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Mathematical Analysis (AREA)
  • Mathematical Optimization (AREA)
  • Computational Mathematics (AREA)
  • Data Mining & Analysis (AREA)
  • Pure & Applied Mathematics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Algebra (AREA)
  • Databases & Information Systems (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Storage Device Security (AREA)
PCT/JP2021/025769 2021-07-08 2021-07-08 秘密計算システム、装置、方法及びプログラム Ceased WO2023281693A1 (ja)

Priority Applications (5)

Application Number Priority Date Filing Date Title
US18/574,762 US12412487B2 (en) 2021-07-08 2021-07-08 Secret calculation system, apparatus, method and program
CN202180100254.9A CN117581227A (zh) 2021-07-08 2021-07-08 秘密计算系统、装置、方法以及程序
PCT/JP2021/025769 WO2023281693A1 (ja) 2021-07-08 2021-07-08 秘密計算システム、装置、方法及びプログラム
EP21949326.9A EP4350561A4 (en) 2021-07-08 2021-07-08 SECURE COMPUTING SYSTEM, DEVICE, METHOD AND PROGRAM
JP2023532977A JP7582477B2 (ja) 2021-07-08 2021-07-08 秘密計算システム、装置、方法及びプログラム

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/JP2021/025769 WO2023281693A1 (ja) 2021-07-08 2021-07-08 秘密計算システム、装置、方法及びプログラム

Publications (1)

Publication Number Publication Date
WO2023281693A1 true WO2023281693A1 (ja) 2023-01-12

Family

ID=84801623

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2021/025769 Ceased WO2023281693A1 (ja) 2021-07-08 2021-07-08 秘密計算システム、装置、方法及びプログラム

Country Status (5)

Country Link
US (1) US12412487B2 (https=)
EP (1) EP4350561A4 (https=)
JP (1) JP7582477B2 (https=)
CN (1) CN117581227A (https=)
WO (1) WO2023281693A1 (https=)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2014164145A (ja) * 2013-02-26 2014-09-08 Nippon Telegr & Teleph Corp <Ntt> 秘密集合演算装置及び方法
WO2016120975A1 (ja) * 2015-01-26 2016-08-04 株式会社日立製作所 データ集計分析システム及びその方法

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9043250B2 (en) * 2012-01-10 2015-05-26 Telcordia Technologies, Inc. Privacy-preserving aggregated data mining
US8572405B2 (en) * 2012-03-15 2013-10-29 Sap Ag Collusion-resistant outsourcing of private set intersection
WO2019203262A1 (ja) * 2018-04-20 2019-10-24 日本電信電話株式会社 秘密集約順位システム、秘密計算装置、秘密集約順位方法、およびプログラム
CN109255247B (zh) * 2018-08-14 2020-08-14 阿里巴巴集团控股有限公司 多方安全计算方法及装置、电子设备
JP7121195B2 (ja) * 2020-02-14 2022-08-17 グーグル エルエルシー セキュアマルチパーティリーチおよび頻度推定
EP4165846B1 (en) * 2020-06-12 2024-01-03 Swiss Reinsurance Company Ltd. Digital cross-network platform, and method thereof

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2014164145A (ja) * 2013-02-26 2014-09-08 Nippon Telegr & Teleph Corp <Ntt> 秘密集合演算装置及び方法
WO2016120975A1 (ja) * 2015-01-26 2016-08-04 株式会社日立製作所 データ集計分析システム及びその方法

Non-Patent Citations (6)

* Cited by examiner, † Cited by third party
Title
DAI IKARASHIRYO KIKUCHIKOKI HAMADAKOJI CHIDA: "Actively private and correct MPC scheme in t < n/2 from passively secure schemes with small overhead", IACR CRYPTOLOGY EPRINT ARCHIVE, vol. 2014, 2014, pages 304
KIKUCHI, RYO ET AL.: "2020 Symposium on Cryptography and Information Security", LET'S DO A CROSS-SECTIONAL ANALYSIS OF FLOW LINE WITH SECRET CALCULATION, January 2020 (2020-01-01), pages 1 - 8 *
KOJI CHIDAKOKI HAMADADAI IKARASHIRYO KIKUCHINAOTO KIRIBUCHIBENNY PINKAS: "An efficient secure three-party sorting protocol with an honest majority", IACR CRYPTOLOGY EPRINT ARCHIVE, vol. 2019, 2019, pages 695
RYO KIKUCHIDAI IKARASHITAKAHIRO MATSUDAKOKI HAMADAKOJI CHIDA: "Efficient bitdecomposition and modulus-conversion protocols with an honest majority", ACISP, 2018, pages 64 - 82
See also references of EP4350561A4
ZVIKA BRAKERSKICRAIG GENTRYVINOD VAIKUNTANATHAN: "Fully homomorphic encryption without bootstrapping", ELECTRONIC COLLOQUIUM ON COMPUTATIONAL COMPLEXITY (ECCC, vol. 18, 2011, pages 111

Also Published As

Publication number Publication date
JPWO2023281693A1 (https=) 2023-01-12
JP7582477B2 (ja) 2024-11-13
EP4350561A1 (en) 2024-04-10
CN117581227A (zh) 2024-02-20
US12412487B2 (en) 2025-09-09
EP4350561A4 (en) 2025-04-16
US20250131855A1 (en) 2025-04-24

Similar Documents

Publication Publication Date Title
Wang et al. MILP-aided method of searching division property using three subsets and applications
JP6989006B2 (ja) 秘密集約関数計算システム、秘密計算装置、秘密集約関数計算方法、およびプログラム
JP6973632B2 (ja) 秘密集約総和システム、秘密計算装置、秘密集約総和方法、およびプログラム
JPWO2019208485A1 (ja) 秘密集約最大値システム、秘密集約最小値システム、秘密計算装置、秘密集約最大値方法、秘密集約最小値方法、およびプログラム
JP7315032B2 (ja) 暗号化データ分析装置、暗号化データ分析方法、プログラム
JP7031682B2 (ja) 秘密計算装置、システム、方法、プログラム
JP6605746B2 (ja) 秘密等結合システム、秘密等結合装置、秘密等結合方法、プログラム
JP6844897B2 (ja) ビット分解秘密計算装置、ビット結合秘密計算装置、方法およびプログラム
EP4016506B1 (en) Softmax function secret calculation system, softmax function secret calculation device, softmax function secret calculation method, neural network secret calculation system, neural network secret learning system, and program
JP2023063430A (ja) 暗号システム、鍵生成装置、暗号化装置、復号装置、方法及びプログラム
JP6973634B2 (ja) 秘密集約中央値システム、秘密計算装置、秘密集約中央値方法、およびプログラム
JP7589815B2 (ja) 秘密計算システム、装置、方法及びプログラム
JP7359225B2 (ja) 秘密最大値計算装置、方法及びプログラム
JPWO2019203262A1 (ja) 秘密集約順位システム、秘密計算装置、秘密集約順位方法、およびプログラム
CN107210005B (zh) 矩阵/密钥生成装置、矩阵/密钥生成系统、矩阵结合装置、矩阵/密钥生成方法、程序
JP7647888B2 (ja) 秘密等結合装置、秘密等結合方法、およびプログラム
JP7772205B2 (ja) 秘密計算装置、秘密計算方法、プログラム
CN106796765B (zh) 非减序列判定装置、非减序列判定方法以及记录介质
JP7747192B2 (ja) 秘密属性選択システム、秘密属性選択装置、秘密属性選択方法、プログラム
JP7582477B2 (ja) 秘密計算システム、装置、方法及びプログラム
WO2019244756A1 (ja) 秘密結合システム、方法、秘密計算装置及びプログラム
JP7747215B2 (ja) クライアント装置、秘密テーブル管理システム、レコード登録要求生成方法、レコード登録方法、処理要求実行方法、プログラム
JP7754322B2 (ja) 秘密交差結合システム、秘密交差結合装置、秘密交差結合方法、プログラム
US20250150265A1 (en) Secure computation apparatus, secure computation method, and program
WO2025062484A1 (ja) 秘密パーセンタイル値計算装置、秘密パーセンタイル値計算方法

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 21949326

Country of ref document: EP

Kind code of ref document: A1

WWE Wipo information: entry into national phase

Ref document number: 2023532977

Country of ref document: JP

WWE Wipo information: entry into national phase

Ref document number: 18574762

Country of ref document: US

WWE Wipo information: entry into national phase

Ref document number: 2021949326

Country of ref document: EP

WWE Wipo information: entry into national phase

Ref document number: 202180100254.9

Country of ref document: CN

ENP Entry into the national phase

Ref document number: 2021949326

Country of ref document: EP

Effective date: 20240103

NENP Non-entry into the national phase

Ref country code: DE

WWP Wipo information: published in national office

Ref document number: 18574762

Country of ref document: US

WWG Wipo information: grant in national office

Ref document number: 18574762

Country of ref document: US