91. Secure function evaluation for a covert client and a semi-honest server using string selection oblivious transfer
    Granted invention patent, in force

    Publication number: US08990570B2

    Publication date: 2015-03-24

    Application number: US13562690

    Filing date: 2012-07-31

    IPC classification: H04L9/00 H04L9/32 H04L9/08

    Abstract: Methods and apparatus are provided for secure function evaluation for a covert client and a semi-honest server using string selection oblivious transfer. An information-theoretic version of a garbled circuit C is sliced into a sequence of shallow circuits C1, ..., Cn, which are evaluated in turn. Consider any wire wj of C that is an output wire of Ci and an input wire of Ci+1. When slice Ci is evaluated, the evaluator computes Ci's 1-bit wire key for wj and then uses it, via string selection oblivious transfer (SOT), to obtain the wire key for the corresponding input wire of Ci+1. This process repeats until the evaluator has computed C's output wire keys. The 1-bit wire keys of a slice's output wires are randomly assigned to wire values.


92. Method of efficient secure function evaluation using resettable tamper-resistant hardware tokens
    Granted invention patent, in force

    Publication number: US08923519B2

    Publication date: 2014-12-30

    Application number: US12455193

    Filing date: 2009-05-29

    Abstract: An embodiment of the present invention provides a computer-implemented method for the transfer of private information from one user to another, a primitive known as oblivious transfer. An output of a strong pseudorandom function generation (SPRFG) is calculated by a first user's computing module based on first and second parameters: the first parameter specifies one of two secret keys; the second parameter is a value selected within the domain of the SPRFG by the first user. The first user is prevented from reading or learning the two stored secret keys. The output is transmitted to a computer of a second user, which generates first and second encrypted values that are each based on an inverse SPRFG calculation using the first and second secret keys, respectively, and the corresponding private values of the second user. The encrypted values are sent to a first computer of the first user, which calculates one of the private values using a mathematical computation based on the second parameter and on whichever of the first and second encrypted values corresponds to the key that was used.

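The token-based oblivious transfer described in this abstract, as an added example that is not the patent's own code. The abstract does not fix the SPRFG, the token interface or the message format, so the example assumes: the SPRFG is a 4-round Feistel permutation over 32-byte blocks with HMAC-SHA256 round functions (a Luby-Rackoff strong pseudorandom permutation, so it has an inverse); the token is a Python object that only answers forward evaluations under the key the caller selects; and the sender's two private values are 32-byte strings. The receiver picks a choice bit b and a random domain element x, obtains y = F_{k_b}(x) from the token, and the sender masks each private value m_i with F^{-1}_{k_i}(y). Only the mask under k_b equals x.

```python
# Added example, not the patent's own code. Assumptions (not in the abstract):
# toy Feistel PRP as the SPRFG, a Python object as the token, 32-byte messages.
import hashlib
import hmac
import secrets
from typing import Tuple

BLOCK = 32          # PRP block size in bytes
HALF = BLOCK // 2
ROUNDS = 4          # four Feistel rounds with PRF round functions: strong PRP


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def _round(key: bytes, i: int, half: bytes) -> bytes:
    """Round function i: HMAC-SHA256 under the token key, domain-separated by i."""
    return hmac.new(key, bytes([i]) + half, hashlib.sha256).digest()[:HALF]


def prp_forward(key: bytes, block: bytes) -> bytes:
    """SPRFG evaluation: Feistel permutation of one block under `key`."""
    assert len(block) == BLOCK
    left, right = block[:HALF], block[HALF:]
    for i in range(ROUNDS):
        left, right = right, _xor(left, _round(key, i, right))
    return left + right


def prp_inverse(key: bytes, block: bytes) -> bytes:
    """Inverse SPRFG calculation: undo the rounds in reverse order."""
    assert len(block) == BLOCK
    left, right = block[:HALF], block[HALF:]
    for i in reversed(range(ROUNDS)):
        left, right = _xor(right, _round(key, i, left)), left
    return left + right


class Token:
    """Tamper-resistant token issued by the sender: holds k0 and k1 and answers
    only forward queries under the selected key. Name mangling stands in for the
    tamper resistance that keeps the receiver from reading the keys."""

    def __init__(self, k0: bytes, k1: bytes) -> None:
        self.__keys = (k0, k1)

    def evaluate(self, which_key: int, x: bytes) -> bytes:
        return prp_forward(self.__keys[which_key], x)


class Sender:
    """Second user: owns the two private values and the two token keys."""

    def __init__(self) -> None:
        self.k0 = secrets.token_bytes(32)
        self.k1 = secrets.token_bytes(32)

    def issue_token(self) -> Token:
        return Token(self.k0, self.k1)

    def respond(self, y: bytes, m0: bytes, m1: bytes) -> Tuple[bytes, bytes]:
        """Mask m_i with F^{-1}_{k_i}(y). Exactly one mask equals the receiver's x;
        the other is pseudorandom to anyone unable to invert the PRP under that key."""
        return _xor(m0, prp_inverse(self.k0, y)), _xor(m1, prp_inverse(self.k1, y))


class Receiver:
    """First user: choice bit b, random x, y = F_{k_b}(x) from the token."""

    def __init__(self, token: Token, choice: int) -> None:
        self.token = token
        self.choice = choice
        self.x = secrets.token_bytes(BLOCK)

    def query(self) -> bytes:
        return self.token.evaluate(self.choice, self.x)

    def recover(self, c0: bytes, c1: bytes) -> bytes:
        return _xor((c0, c1)[self.choice], self.x)

    def other_attempt(self, c0: bytes, c1: bytes) -> bytes:
        """A curious receiver unmasking the other ciphertext with x gets garbage,
        because F^{-1}_{k_{1-b}}(y) != x."""
        return _xor((c0, c1)[1 - self.choice], self.x)


def run_ot(m0: bytes, m1: bytes, choice: int) -> Tuple[bytes, bytes]:
    """Full exchange; returns (value the receiver learns, its failed guess at the other)."""
    assert len(m0) == BLOCK and len(m1) == BLOCK and choice in (0, 1)
    sender = Sender()
    receiver = Receiver(sender.issue_token(), choice)
    y = receiver.query()                  # receiver -> sender: y = F_{k_b}(x)
    c0, c1 = sender.respond(y, m0, m1)    # sender -> receiver: masked values
    return receiver.recover(c0, c1), receiver.other_attempt(c0, c1)


if __name__ == "__main__":
    m0 = b"pay vendor A".ljust(BLOCK, b"\0")   # constructed sample values
    m1 = b"pay vendor B".ljust(BLOCK, b"\0")
    got, guess = run_ot(m0, m1, 1)
    print(got.rstrip(b"\0"), guess != m0)
```

The sender never sees x or b, only y, which is a pseudorandom block under either key; the receiver can only unmask the ciphertext whose key produced y. Because the token keeps no state and only evaluates the forward direction, resetting it and re-querying under the other key with the same x yields a different y, not an inverse, so resets give the receiver no advantage in this model.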

93. Method for privacy-preserving computation of edit distance of symbol sequences
    Granted invention patent, in force

    Publication number: US08625782B2

    Publication date: 2014-01-07

    Application number: US12703150

    Filing date: 2010-02-09

    Applicants: Shantanu Rane, Wei Sun

    Inventors: Shantanu Rane, Wei Sun

    IPC classification: H04L9/00

    Abstract: Embodiments of the invention disclose a system and a method for determining an encrypted edit distance as an encryption of the minimum cost of transforming a first sequence into a second sequence based on an insertion cost, a deletion cost, and a substitution cost. The method recursively determines a current element of the dynamic programming matrix as an encryption of the minimum of a first element, a second element, and a third element to produce the dynamic programming solution, wherein the first element represents the insertion cost, the second element represents the deletion cost, and the third element represents the substitution cost, and wherein the current element, the first element, the second element, and the third element are homomorphically encrypted with a public key; and selects the dynamic programming solution as the encrypted edit distance, wherein the steps of the method are performed by a first processor and a second processor.


94. Secure computation using a server module
    Granted invention patent, in force

    Publication number: US08539220B2

    Publication date: 2013-09-17

    Application number: US12713206

    Filing date: 2010-02-26

    IPC classification: H04L29/06 H04L9/08

    Abstract: A server module evaluates a circuit based on concealed inputs provided by respective participant modules, to provide a concealed output. By virtue of this approach, no party to the transaction (including the server module) discovers any other party's non-concealed inputs. In a first implementation, the server module evaluates a garbled Boolean circuit. This implementation also uses a three-way oblivious transfer technique to provide a concealed input from one of the participant modules to the server module. In a second implementation, the server module evaluates an arithmetic circuit based on ciphertexts that have been produced using a fully homomorphic encryption technique. This implementation modifies the multiplication operations performed in the evaluation of the arithmetic circuit by a modifier factor; this removes the bound placed on the number of multiplication operations that can be performed.


95. PRIVACY-PRESERVING PUBLISH-SUBSCRIBE PROTOCOL IN A CLOUD-ASSISTED MODEL
    Invention patent application, in force

    Publication number: US20130227274A1

    Publication date: 2013-08-29

    Application number: US13775912

    Filing date: 2013-02-25

    IPC classification: G06F21/60

    Abstract: A server receives from a client at least one interest pseudonym, produced by a double application of a pseudo random function to at least one interest of the client. The server encrypts an item. The server computes at least one intermediate topic pseudonym for at least one topic associated with the item by applying the function to each of the topics associated with the item. The server transmits the intermediate topic pseudonyms, the interest pseudonyms, and the encrypted item to a third party. The third party may apply the function to each intermediate topic pseudonym to produce a topic pseudonym associated with the item, and transmits the encrypted item to the client for decryption when one of the topic pseudonyms equals one of the client's interest pseudonyms.

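The three-party matching described in this abstract, as an added example that is not the patent's own code. The abstract does not say which party holds which key, so the example assumes the natural layout that makes the double application useful: the publishing server holds k1, the cloud broker (the third party) holds k2, and the subscribing client holds both. An interest pseudonym F_k2(F_k1(interest)) can then be formed only by the client, while the server (first application) and the broker (second application) must act in sequence to reach the same value for a topic, so neither alone can run a dictionary attack over guessed interests. HMAC-SHA256 stands in for the pseudo random function, a SHAKE-256 keystream for the item encryption under a key shared by server and client, and the sample feed is constructed.

```python
# Added example, not the patent's own code. Assumed: server holds k1, broker
# holds k2, client holds both; HMAC-SHA256 as the PRF; SHAKE-256 keystream
# under a server/client shared key as the item cipher; constructed sample feed.
import hashlib
import hmac
import os
from typing import Dict, List, Optional, Set, Tuple


def prf(key: bytes, msg: bytes) -> bytes:
    return hmac.new(key, msg, hashlib.sha256).digest()


def stream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """XOR with a SHAKE-256 keystream; the same call encrypts and decrypts."""
    keystream = hashlib.shake_256(key + nonce).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, keystream))


class Client:
    """Subscriber: knows k1 and k2, so it can form the double-PRF pseudonyms."""

    def __init__(self, k1: bytes, k2: bytes, item_key: bytes, interests: List[str]):
        self.k1, self.k2, self.item_key = k1, k2, item_key
        self.interests = interests

    def interest_pseudonyms(self) -> Set[bytes]:
        # double application: first under k1, then under k2
        return {prf(self.k2, prf(self.k1, i.encode())) for i in self.interests}

    def decrypt(self, nonce: bytes, ciphertext: bytes) -> str:
        return stream_xor(self.item_key, nonce, ciphertext).decode()


class Server:
    """Publisher: knows k1 only; sees interest pseudonyms but cannot invert them."""

    def __init__(self, k1: bytes, item_key: bytes):
        self.k1, self.item_key = k1, item_key

    def publish(self, item: str, topics: List[str],
                interest_pseudonyms: Set[bytes]) -> Dict[str, object]:
        nonce = os.urandom(16)
        return {
            "intermediate": [prf(self.k1, t.encode()) for t in topics],  # F_k1(topic)
            "interests": interest_pseudonyms,
            "nonce": nonce,
            "ciphertext": stream_xor(self.item_key, nonce, item.encode()),
        }


class Broker:
    """Third party: knows k2 only; sees pseudonyms and ciphertext, never
    topics, interests or item contents."""

    def __init__(self, k2: bytes):
        self.k2 = k2

    def route(self, msg: Dict[str, object]) -> Optional[Tuple[bytes, bytes]]:
        topic_pseudonyms = {prf(self.k2, p) for p in msg["intermediate"]}  # F_k2(F_k1(topic))
        if topic_pseudonyms & msg["interests"]:
            return msg["nonce"], msg["ciphertext"]
        return None  # no match: the item is dropped for this client


def run_pubsub(interests: List[str], items: List[Tuple[str, List[str]]]) -> List[str]:
    """Runs one subscription over a feed; returns the plaintexts the client decrypts."""
    k1, k2, item_key = os.urandom(32), os.urandom(32), os.urandom(32)
    client, server, broker = Client(k1, k2, item_key, interests), Server(k1, item_key), Broker(k2)
    pseudonyms = client.interest_pseudonyms()          # client -> server, once
    delivered = []
    for text, topics in items:
        msg = server.publish(text, topics, pseudonyms)  # server -> broker
        hit = broker.route(msg)                         # broker -> client, or drop
        if hit is not None:
            delivered.append(client.decrypt(*hit))
    return delivered


SAMPLE_ITEMS = [  # constructed sample feed
    ("patch available for product X", ["vulnerability", "product-x"]),
    ("quarterly revenue update", ["finance"]),
    ("new phishing campaign observed", ["threat-intel"]),
]

if __name__ == "__main__":
    print(run_pubsub(["vulnerability", "threat-intel"], SAMPLE_ITEMS))
```

What each party sees is the point: the server learns only F_k2(F_k1(interest)) values it cannot complete without k2, the broker learns only pseudonyms it cannot start without k1, and the item itself is ciphertext to the broker. The broker still learns which client receives which encrypted item, and a server and broker that collude can dictionary-attack the pseudonyms, so the split of k1 and k2 across non-colluding parties is the security assumption.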

96. PRIVACY-PRESERVING PUBLISH-SUBSCRIBE PROTOCOL IN A DISTRIBUTED MODEL
    Invention patent application, under examination (published)

    Publication number: US20130227273A1

    Publication date: 2013-08-29

    Application number: US13775941

    Filing date: 2013-02-25

    IPC classification: H04L29/06

    Abstract: A method and system for providing privacy in a publish-subscribe protocol is provided. A server transmits a public key to a client. The server receives from the client a pseudonym of an interest based on a division-malleable commitment method applied to the public key, wherein the pseudonym of the interest functions as a commitment of the client. The server encrypts an item with a padded key and encrypts the padded key. The server transmits to the client the encrypted item and a pseudonym of a topic associated with the item, derived from the server's modification of the commitment using a hybrid conditional oblivious transfer protocol. When the interest of the client equals the topic associated with the item, the client retrieves the correct padded key and decrypts the encrypted data item; otherwise the client retrieves a random key that cannot decrypt the encrypted data item.


97. Oblivious transfer with access control
    Granted invention patent, in force

    Publication number: US08522040B2

    Publication date: 2013-08-27

    Application number: US12909302

    Filing date: 2010-10-21

    IPC classification: H04L29/06

    Abstract: A protocol for anonymous access to a database whose records carry different access control permissions is described. The permissions can be attributes, roles or rights that an authorized user needs in order to access a record. The database provider learns neither which record the user accesses nor which attributes or roles the user holds when she accesses the database. The database provider publishes the encrypted database, where each record is encrypted with a key derived from at least the index of the record, its access control attributes and a secret key of the database provider. The user obtains a credential from an issuer for each access control attribute (ACL) associated with the user. The user then retrieves the key for a particular record from the database provider and uses this key to decrypt the encrypted record.


99. Method for Privacy-Preserving Computation of Edit Distance of Symbol Sequences
    Invention patent application, in force

    Publication number: US20110194691A1

    Publication date: 2011-08-11

    Application number: US12703150

    Filing date: 2010-02-09

    Applicants: Shantanu Rane, Wei Sun

    Inventors: Shantanu Rane, Wei Sun

    IPC classification: H04L9/08 H04L9/00 G06N5/02

    Abstract: Embodiments of the invention disclose a system and a method for determining an encrypted edit distance as an encryption of the minimum cost of transforming a first sequence into a second sequence based on an insertion cost, a deletion cost, and a substitution cost. The method recursively determines a current element of the dynamic programming matrix as an encryption of the minimum of a first element, a second element, and a third element to produce the dynamic programming solution, wherein the first element represents the insertion cost, the second element represents the deletion cost, and the third element represents the substitution cost, and wherein the current element, the first element, the second element, and the third element are homomorphically encrypted with a public key; and selects the dynamic programming solution as the encrypted edit distance, wherein the steps of the method are performed by a first processor and a second processor.


Method and apparatus for communication efficient private information retrieval and oblivious transfer

    Publication number: US07987201B2

    Publication date: 2011-07-26

    Application number: US12365837

    Filing date: 2009-02-04

    IPC classification: G06F17/30

    Abstract: A method, article of manufacture and apparatus for performing private retrieval of information from a database is disclosed. In one embodiment, the method comprises obtaining an index corresponding to information to be retrieved from the database and generating a query that does not reveal the index to the database. The query is an arithmetic function of the index and a secret value, wherein the arithmetic function includes a multiplicative group specified by a modulus of a random value whose order is divisible by a prime power, such that the prime power is an order of the random value. The secret value is an arithmetic function of the index that comprises a factorization of the modulus into prime numbers. The method further comprises communicating the query to the database for execution of the arithmetic function against the entirety of the database.