公开(公告)号：US20150358155A1

公开(公告)日：2015-12-10

申请号：US14758373

申请日：2014-01-16

Applicant: NIPPON TELEGRAPH AND TELEPHONE CORPORATION

Inventor： Dai IKARASHI ,  Ryo KIKUCHI ,  Koki HAMADA ,  Koji CHIDA

IPC: H04L9/08 ,  G06F21/71 ,  G06F7/58

CPC classification number: H04L9/085 ,  G06F7/582 ,  G06F21/71 ,  H04L2209/46

Abstract: Each of at least three arithmetic units includes: a random number generator determining shared value [r] obtained by performing secret sharing of random number r; a randomizator using shared value [a0], . . . ,[aM−1] obtained by performing secret sharing of value a0, . . . , aM−1 and shared value [r] to generate randomized shared value , . . . , with shared values [a0], . . . , [aM−1] and [a0r], . . . , [aM−1r] as a pair; a secret computator determining concealed function value [F([a0], . . . , [aM−1])] by executing function F including at least one secret operation while including randomized shared value of an operation target and an operation result depending on contents of secret operation into checksum C:= , . . . , ; and a correctness prover verifying correctness of function value [F([a0], . . . , [aM−1])] based on shared value [Ø] obtained by multiplying a sum total of shared values [f1] included in checksum C by shared value [r] and shared value [ψ] of a sum total of shared values [fir] included in checksum C.

Abstract translation: 至少三个算术单元中的每一个包括：通过执行随机数r的秘密共享获得的确定共享值[r]的随机数生成器; 一个使用共享值的随机选择器[a0]，。 。 。 ，通过执行值a0的秘密共享获得的[aM-1]。 。 。 ，aM-1和共享值[r]生成随机共享值，。 。 。 ，共享值[a0]，。 。 。 ，[aM-1]和[a0r]，。 。 。 ，[aM-1r]为一对; 通过执行包括至少一个秘密操作的功能，同时包括操作对象的随机化共享值和操作的操作来确定隐藏的功能值[F（[a0]，...，[aM-1]）] 结果取决于秘密操作的内容到校验和C：= ，。 。 。 ，; 以及基于通过将包括在校验和C中的共享值[f1]的总和获得的共享值[Ø]，验证函数值[F（[a0]，...，[aM-1]）]的正确性的正确性证明 通过共享值[r]和共享值[ψ]，包括在校验和C中的共享值[fir]的总和。

公开(公告)号：US20250068394A1

公开(公告)日：2025-02-27

申请号：US18726806

申请日：2022-01-11

Applicant: NIPPON TELEGRAPH AND TELEPHONE CORPORATION

Inventor： Ibuki MISHINA ,  Dai IKARASHI ,  Koki HAMADA ,  Ryo KIKUCHI

IPC: G06F7/58 ,  H04L9/08

Abstract: Provided is a technology for performing secure computation of a random number generation method using weighted probability distribution with high accuracy while keeping data secure. The technology includes: first vector computation means that computes a share ([[p′1]], . . . , [[p′L]]) from a share ([[p1]], . . . , [[pL]]) by using prefix sum; uniform random number generation means that generates a share ([[q1]], . . . , [[qS]]) of a vector (q1, . . . , qS) (where qi (i=1, . . . , S) is a uniform random number, and satisfies 0≤qi≤1) having a uniform random number as an element; and random number computation means that computes a share ([[r1]], . . . , [[rS]]) of a vector (r1, . . . , rS) having an output value as an element from the share ([[p′1]], . . . , [[p′L]]), a share ([[x1]], . . . , [[xL]]), and the share ([[q1]], . . . , [[qS]]) by using secure collective mapping.

公开(公告)号：US20250053577A1

公开(公告)日：2025-02-13

申请号：US18696083

申请日：2022-01-07

Applicant: NIPPON TELEGRAPH AND TELEPHONE CORPORATION

Inventor： Ibuki MISHINA ,  Dai IKARASHI ,  Koki HAMADA ,  Ryo KIKUCHI

IPC: G06F16/28 ,  G06F16/23 ,  G06F21/60

Abstract: Provided is a clustering apparatus capable of securely performing hierarchical clustering while concealing all of a calculation process and values in the middle. A clustering apparatus includes: a cluster ID update unit that combines two clusters closest to each other and updates a cluster ID of a cluster ID table in which a data ID and a cluster ID are associated with each other on a one-to-one basis; and an inter-cluster distance update unit that executes deletion processing of deleting information corresponding to clusters to be combined from an inter-cluster distance table that is a table of distances between all clusters and addition processing of adding a distance between a newly combined cluster and another cluster to the inter-cluster distance table, and updates the inter-cluster distance table, in which information of the cluster ID table and the inter-cluster distance table is encrypted, and processing in the cluster ID update unit and the addition processing in the inter-cluster distance update unit are performed by using information encrypted without being decrypted.

公开(公告)号：US20240281208A1

公开(公告)日：2024-08-22

申请号：US18568542

申请日：2021-06-14

Applicant: NIPPON TELEGRAPH AND TELEPHONE CORPORATION

Inventor： Koki HAMADA

IPC: G06F7/38

CPC classification number: G06F7/38

Abstract: A cumulative calculation device according to an embodiment is a cumulative calculation device that, with respect to a column v=(v1, . . . , vn) of n values divided into groups, calculates cumulation for each of the groups through an associative binary operation. The cumulative calculation device includes: a value conversion unit configured to convert v into v′=(v1′, . . . , vn′) (where v1′=(v1, ci)) when c=(c1, . . . , cn) is a column of values in which 1 corresponds to a head element of the group and 0 corresponds to elements other than the head element among elements v1, . . . , vn of v; a binary operation generation unit configured to generate a new binary operation for calculating a new pair (p, q) for two pairs (w, x) and (y, z) (where x, z ∈ {0, 1} using the binary operation; a cumulative calculation unit configured to calculate cumulation s1′ (where si′ is cumulation from v1′ to vi′ from the new binary operation) by the new binary operation for i=1, . . . , n; and an output unit configured to extract a column u=(u1, . . . , un) of values indicating the cumulation for said each of the groups from each si′ (where i=1, . . . , n) and output the extracted u.
The new binary operation sets an operation result of w and y by the binary operation to p when z=0, sets y to p when z=1, and sets a logical sum of x and z to q.

公开(公告)号：US20240214212A1

公开(公告)日：2024-06-27

申请号：US18556518

申请日：2021-05-21

Applicant: NIPPON TELEGRAPH AND TELEPHONE CORPORATION

Inventor： Koki HAMADA ,  Koji CHIDA ,  Masanobu KII ,  Atsunori ICHIKAWA ,  Junichi TOMIDA

IPC: H04L9/32

CPC classification number: H04L9/3236

Abstract: A secure collation system performs secure-data-collation between first and second information processing apparatuses and includes the first and second information processing apparatuses. The second information-processing-apparatus creates, when receiving a first vector having a hash value of a key value of the first information-processing-apparatus as an element, a second vector by adding a dummy hash value to the first vector and rearranging the first vector by random permutation; creates a third vector having, as elements, a hash value of a key value of the second information-processing-apparatus and a hash value of a dummy key value; and transmits the second and third vectors to the first information-processing-apparatus. The first information-processing-apparatus calculates a hash value of an element of the third vector and creates a fourth vector having the hash value as an element; and collates matched values between each element of the third vector and each element of the fourth vector.

公开(公告)号：US20240176903A1

公开(公告)日：2024-05-30

申请号：US18283005

申请日：2021-03-22

Applicant: NIPPON TELEGRAPH AND TELEPHONE CORPORATION

Inventor： Satoshi TAKAHASHI ,  Koji CHIDA ,  Koki HAMADA ,  Atsunori ICHIKAWA

IPC: G06F21/62 ,  G06F21/60

CPC classification number: G06F21/6218 ,  G06F21/602 ,  G06F21/606

Abstract: Data search by secure computation is efficiently performed and retrieved data is safely provided. A searcher terminal acquires condition data. The searcher terminal extracts a feature from the condition data. The searcher terminal encrypts the feature of the condition data. A secure search apparatus acquires a search result indicating a ciphertext of target data corresponding to a feature of target data similar to the feature of the condition data while keeping the feature of the target data and the feature of the condition data secret. The secure search apparatus transmits the search result to an encryption apparatus and the searcher terminal. The searcher terminal acquires the ciphertext of the target data indicated by the search result. The encryption apparatus transmits a decryption key to the searcher terminal. The searcher terminal decrypts the ciphertext of the target data using the decryption key.

公开(公告)号：US20230401263A1

公开(公告)日：2023-12-14

申请号：US18246928

申请日：2020-10-16

Applicant: NIPPON TELEGRAPH AND TELEPHONE CORPORATION

Inventor： Koki HAMADA

IPC: G06F16/906 ,  G06F21/60

CPC classification number: G06F16/906 ,  G06F21/602

Abstract: A secret grouping apparatus according to an embodiment is a secret grouping apparatus, which classifies a plurality of elements into one or more groups through secret calculation, includes: an input unit configured to receive, as an input, a target vector in which the plurality of elements are disposed so that elements belonging to a same group are continuous, a group information vector representing a last element in the group, and a classification destination vector representing a classification destination of each of the elements in the group; a detection vector calculation unit configured to calculate a detection vector representing a last element of elements classified into a same classification destination in the group by using the target vector, the group information vector, and the classification destination vector; and a classification unit configured to stably sort the target vector and the detection vector with respect to the classification destination vector to create a target vector after classifying each of the elements into the classification destination in the group and a group information vector representing a last element in a group after the classification.

公开(公告)号：US20230376790A1

公开(公告)日：2023-11-23

申请号：US18247938

申请日：2020-10-16

Applicant: NIPPON TELEGRAPH AND TELEPHONE CORPORATION

Inventor： Koki HAMADA

IPC: G06N5/01 ,  G06N20/00

CPC classification number: G06N5/01 ,  G06N20/00

Abstract: A secret decision tree learning device according to an embodiment is a secret decision tree learning device for learning a decision tree by secret calculation, that includes an input unit configured to input a data set composed of a plurality of records including one or more attribute values of explanatory variables and attribute values of objective variables; and a learning unit configured to learn the decision tree by collectively dividing the data set at all nodes included in a hierarchical level, for each of a plurality of hierarchical levels of the decision tree.

公开(公告)号：US20230039723A1

公开(公告)日：2023-02-09

申请号：US17792145

申请日：2020-01-16

Applicant: NIPPON TELEGRAPH AND TELEPHONE CORPORATION

Inventor： Atsunori ICHIKAWA ,  Koki HAMADA ,  Ryo KIKUCHI

IPC: H04L9/32 ,  H04L9/08

Abstract: A server determines an array [[addr]] indicating a storage destination of each piece of data, generates an array of concealed values, and connects the generated array to the array [[addr]] to determine an array [[addr′]]. The server generates a sort permutation [[σ1]] for the array, applies the sort permutation [[σ1]] to the array [[addr′]], and converts the array [[addr′]] into an array with a sequence composed of first Z elements set to [[i]] followed by αi elements set to [[B]]. The server generates a sort permutation [[σ2]] for the converted array [[addr′]], generates dummy data, imparts the generated dummy data to the concealed data sequence, applies the sort permutations [[σ1]] and [[σ2]] to the data array imparted with the dummy data, and generates, as a secret hash table, a data sequence obtained by deleting the last N pieces of data from the sorted data array.

公开(公告)号：US20220413802A1

公开(公告)日：2022-12-29

申请号：US17765440

申请日：2019-10-07

Applicant: NIPPON TELEGRAPH AND TELEPHONE CORPORATION

Inventor： Hiroki SUDO ,  Dai IKARASHI ,  Koki HAMADA ,  Ryo KIKUCHI ,  Atsunori ICHIKAWA ,  Ibuki MISHINA

IPC: G06F7/535

Abstract: A computation apparatus, a method of the same, and a program which perform a secure computation using fixed-point arithmetic, and overflow is unlikely to occur and the occurrence of division by zero can be detected when an odds ratio is calculated. The computation apparatus includes an odds ratio computation unit for obtaining an odds ratio between a first group (a+b) and a second group (c+d) based on four plaintext values a, b, c, and d, by means of secure computation; a zero-division detection unit for determining, by means of secure computation, whether or not at least one of the plaintext values b and c is not zero, and detecting division by zero; and a selection unit for selecting the odds ratio if division by zero is not detected, by means of secure computation.