公开(公告)号：US10657847B2

公开(公告)日：2020-05-19

申请号：US15762314

申请日：2016-10-11

Applicant: NIPPON TELEGRAPH AND TELEPHONE CORPORATION

Inventor： Koki Hamada ,  Ryo Kikuchi

IPC: G06C1/00 ,  G09C1/00 ,  G06F7/58

Abstract: A combination of secure texts of values “a”, “b” and “c” having a relationship c=ab is efficiently generated. A secure text generation part 12 generates secure texts [xi] of xi satisfying xi=f(ki), and secure texts [yi] of yi satisfying yi=g(ki), for i=0, . . . , m. A fragment generation part 13 generates εi decrypted from [xi]−[ai] and ρi decrypted from [yi]−[bi], for i=1, . . . , m, and calculates [ci]+εi[bi]+ρi[ai]+εiρi and generates secure texts [z1], . . . , [zm]; and A random number synthesizing part 14 generates a secure text [z0] using different values k0, . . . , km and secure texts [z1], . . . , [zm].

公开(公告)号：US10050775B2

公开(公告)日：2018-08-14

申请号：US15109584

申请日：2014-11-28

Applicant: NIPPON TELEGRAPH AND TELEPHONE CORPORATION

Inventor： Koki Hamada ,  Dai Ikarashi ,  Koji Chida

IPC: H04L9/32 ,  H04L9/00

Abstract: A second set including a plurality of elements a5(1), . . . , a5(N) or a concealed text of the second set is obtained, where the second set is obtained by setting a replication source element a(f(h)) included in a first set to an element a(f(h))−a(f(h−1)) and setting elements other than the replication source in the first set to zero with respect to h=2, . . . , M. An additive inverse of a replication source element a(f(h−1)) of which the order is before the replication source element a(f(h)) and is the closest to the replication source element a(f(h)) is −a(f(h−1)). The second set or the concealed text of the second set is used to obtain a third set or a concealed text of the third set. The third set is a set including a first element b(1)=a5(1) and i=2, . . . , Nth element b(i)=b(i−1)+a5(i).

公开(公告)号：US10002547B2

公开(公告)日：2018-06-19

申请号：US15110886

申请日：2015-01-07

Applicant: NIPPON TELEGRAPH AND TELEPHONE CORPORATION

Inventor： Dai Ikarashi ,  Koki Hamada ,  Ryo Kikuchi ,  Koji Chida

IPC: H04L29/06 ,  G09C1/00 ,  G06F21/60 ,  H04L9/08

CPC classification number: G09C1/00 ,  G06F21/60 ,  H04L9/085 ,  H04L2209/46

Abstract: Secret calculation including secret random permutation is performed at high speed. In unit permutation, random permutation devices p0, . . . , pk-1 perform permutation of additive secret sharing values «a»ρi of a plain text a with sub shares πρi of permutation data π. In resharing, the random permutation device p0 generates additive secret sharing values «a»ρi+1pk by using random numbers r1, . . . , rk-1 which are respectively shared with random permutation devices pj (j=1, . . . , k−1) so as to transmit the additive secret sharing values «a»ρi+1pk to the random permutation device pk and each of the random permutation devices pj generates additive secret sharing values «a»ρi+1pj by using random numbers rj.

公开(公告)号：US09992190B2

公开(公告)日：2018-06-05

申请号：US14910808

申请日：2014-08-21

Applicant: NIPPON TELEGRAPH AND TELEPHONE CORPORATION

Inventor： Ryo Kikuchi ,  Dai Ikarashi ,  Koji Chida ,  Koki Hamada

IPC: H04L29/06 ,  H04L9/08 ,  H04L9/32 ,  G09C1/00

CPC classification number: H04L63/083 ,  G09C1/00 ,  H04L9/085 ,  H04L9/3226 ,  H04L2209/46

Abstract: Even when an intermediate server exists, a plurality of servers simultaneously authenticates a user securely. A user apparatus disperses a password. The user apparatus obtains a ciphertext, which is obtained by encrypting a dispersed value. The intermediate server transmits the ciphertext to an authentication server. The authentication server decrypts the ciphertext to obtain the dispersed value. The authentication server determines a verification value. The authentication server obtains a ciphertext. The intermediate server decrypts the ciphertext to obtain the verification value. The intermediate server verifies whether a sum total of the verification values is equal to 0 or not. The authentication server determines a verification value. The authentication server obtains a ciphertext. The authentication server decrypts the ciphertext to obtain the verification value. The authentication server verifies whether a sum total of the verification values is equal to 0 or not.

公开(公告)号：US20150172049A1

公开(公告)日：2015-06-18

申请号：US14408426

申请日：2013-07-04

Applicant: NIPPON TELEGRAPH AND TELEPHONE CORPORATION

Inventor： Koji Chida ,  Dai Ikarashi ,  Koki Hamada ,  Ryo Kikuchi

IPC: H04L9/08

CPC classification number: H04L9/0869 ,  G06F21/606 ,  H04L9/008 ,  H04L9/085

Abstract: A secret sharing system transforms computational secret shares to homomorphic secret shares. On a data distribution apparatus, a key selector selects K′−1 keys. A pseudorandom number generator generates pseudorandom numbers from the keys. An encryption part generates a ciphertext from information using the pseudorandom numbers. A key division part divides the keys into N shares fg(n) using an arbitrary sharing. A ciphertext division part divides the ciphertext into N shares fan) using an arbitrary sharing. When K shares fsj(i) are input into distributed data transform apparatuses, a reconstruction part generates a reconstructed value by reconstructing shares fsj(i) using the secret sharing, and when K shares fc(i) are input, generates the reconstructed value uj by reconstructing shares fc(i) using the arbitrary sharing. A redivision part divides reconstructed value Uj into N shares fuj(n) using a homomorphic secret sharing. A transformer generates share ga(i) of the information from K′ shares fUj.

Abstract translation: 秘密共享系统将计算秘密股转换为同态秘密股。 在数据分配装置上，键选择器选择K'-1键。 伪随机数生成器从密钥生成伪随机数。 加密部分使用伪随机数从信息生成密文。 关键部分部分使用任意共享将密钥分成N股fg（n）。 密文分割部分使用任意共享将密文划分为N股粉丝） 当将K股fsj（i）输入到分布式数据变换装置中时，重建部分通过使用秘密共享重构股份fsj（i）来生成重建值，并且当K股fc（i）被输入时，生成重构值uj 通过使用任意共享重建fc（i）的共享。 再分割部分使用同态秘密共享将重构值Uj分为N股fuj（n）。 变压器产生来自K'股份fUj的信息的股份ga（i）。

公开(公告)号：US12095906B2

公开(公告)日：2024-09-17

申请号：US17760765

申请日：2019-10-02

Applicant: NIPPON TELEGRAPH AND TELEPHONE CORPORATION

Inventor： Atsunori Ichikawa ,  Dai Ikarashi ,  Koki Hamada ,  Ryo Kikuchi ,  Hiroki Sudo ,  Ibuki Mishina

IPC: H04L9/08

CPC classification number: H04L9/085 ,  H04L2209/46

Abstract: The present invention provides techniques to calculate the number of surviving and the number of deaths while still concealing survival time data. The present invention includes: a group data position calculation means configured to calculate a share [[gA]] of a sequence gA and a share [[gB]] of a sequence gB represented by predetermined equations from a share [[g]] of a sequence g of values of group of survival time data included in a survival time data set D; a group data number calculation means configured to calculate a share [[sA]] and a share [[sB]] from a share [[t]] of a sequence t of values of time of survival time data included in the survival time data set D, the share [[gA]], and the share [[gB]], by [[sA]]=GroupSum ([[gA]], [[t]]), [[sB]]=GroupSum ([[gB]], [[t]]); and a survival number calculation means.

公开(公告)号：US11593362B2

公开(公告)日：2023-02-28

申请号：US17057120

申请日：2019-05-14

Applicant: NIPPON TELEGRAPH AND TELEPHONE CORPORATION

Inventor： Dai Ikarashi ,  Koki Hamada

IPC: H04L9/08 ,  H04L9/06 ,  G06F16/242

Abstract: To efficiently determine intermediate data for use with an aggregate function while keeping confidentiality, a bit decomposition unit generates a share of a bit string by bit decomposition and concatenation of key attributes. A group sort generation unit generates a share of a first permutation, which performs a stable sort of the bit string in ascending order. A bit string sorting unit generates a share of a sorted bit string obtained by sorting the bit string with the first permutation. A flag generation unit generates a share of a flag indicating a boundary between groups. A key aggregate sort generation unit generates a share of a second permutation, which performs a stable sort of the negation of the flag in ascending order. A de-duplication unit generates shares of de-duplicated key attributes. A key sorting unit generates shares of sorted key attributes by sorting the de-duplicated key attributes.

公开(公告)号：US11508262B2

公开(公告)日：2022-11-22

申请号：US16645588

申请日：2018-09-12

Applicant: NIPPON TELEGRAPH AND TELEPHONE CORPORATION

Inventor： Koki Hamada

IPC: G06F21/00 ,  G09C1/00 ,  G06F21/71

Abstract: Data is efficiently read from and written in a sequence without an access position being revealed. A secure reading and writing apparatus (1) receives a read command or a write command as input, and, when the read command is input, outputs a secret text [a[x]] which is an x-th element of a secret text sequence [a], and, when the write command is input, adds the secret text [a[x]] which is the x-th element of the secret text sequence [a], to a secret text [d]. A secure reading part (12) reads the secret text [a[x]] which is the x-th element from the secret text sequence [a]. A buffer addition part (13) adds a secret text [c] of an unreflected value c to the secret text [a[x]]. A buffer appending part (14) appends a secret text [x] and the secret text [d] to a write buffer [b]. When the number of elements of the write buffer [b] exceeds a predetermined value, a secure writing part (15) adds a value indicated with a secret text vector [b1] to an access position of the secret text sequence [a] which is indicated with a secret text vector [b0].

公开(公告)号：US11480991B2

公开(公告)日：2022-10-25

申请号：US16977954

申请日：2019-03-11

Applicant: NIPPON TELEGRAPH AND TELEPHONE CORPORATION

Inventor： Dai Ikarashi ,  Koki Hamada

IPC: G06F1/03 ,  G06F7/24 ,  G06F7/76 ,  G06F17/16

Abstract: A secure table reference system includes a first combining part 11n for generating [v′] of v′ ∈ Fm+nt in which d and v are combined, a difference calculation part 12n for generating [r″] of r″ that has a difference between a certain element of r and an element before the certain element as an element corresponding to the certain element, a second combining part 13n for generating [r′] of r′ ∈ Fm+nt in which r″ and an m-dimensional zero are combined, a permutation calculation part 14n for generating {{σ}} of a permutation σ that stably sorts v′ in ascending order, a permutation application part 15n for generating [s] of s: =σ(r′) obtained by applying the permutation σ to r′, a vector generation part 16n for generating [s′] of a prefix-sum s′ of s, an inverse permutation application part for generating [s″] of s″ obtained by applying an inverse permutation σ−1 of the permutation σ to s′, and an output part 17n for generating [x] of x ∈ Fm consisting of (nt+1)th and subsequent elements of s″.

公开(公告)号：US11200346B2

公开(公告)日：2021-12-14

申请号：US16313233

申请日：2017-06-30

Applicant: NIPPON TELEGRAPH AND TELEPHONE CORPORATION

Inventor： Koki Hamada

IPC: G06F21/00 ,  G06F21/72 ,  G09C1/00

Abstract: Multiple elements are efficiently read from a secured array. A secure text array =( , . . . , ) where an array a=(a[0], . . . , a[n−1]) having a size of n is secured, secure text of an integer x that is equal to or higher than 0 and less than n, and in integers i0, . . . , im-1 that are equal to or higher than 0 and less than n are input into an input part 11. A secure shift part 12 secure-shifts the secure text array by to obtain a secure text array =( , . . . , ) where an array a′=(a′[0], . . . , a′[n−1]) obtained by shifting leftward the array a by x is secured. An array generation part 13 generates a secure text array =( , . . . , ) from the secure text array .