公开(公告)号：US20210349807A1

公开(公告)日：2021-11-11

申请号：US16867632

申请日：2020-05-06

Applicant: SAP SE

Inventor： Andreas Fischer ,  Jonas Janneck ,  Joern Kussmaul ,  Nikolas Kraetzschmar ,  Florian Kerschbaum

IPC: G06F11/36 ,  G06F11/30 ,  G06F8/71 ,  G06F21/14 ,  G06F21/55

Abstract: Provided is a system and method for generating a subset of optimal variations of a software program which allow some statements of the control flow to be exposed to side channels. Furthermore, the subset of optimal variations may be selected based on a security and a performance trade-off analysis. In one example, the method may include identifying a set of statements within a control flow of a software program, generating a plurality of variations of the software program which comprise different subsets of statements which are exposed to side channels, respectively, determining one or more pareto-optimal variations of the software program based on side channel leakage values and performance values of the plurality of variations of the software program, and outputting information about the one or more pareto-optimal variations of the software program to a user device.

公开(公告)号：US12250292B2

公开(公告)日：2025-03-11

申请号：US17752326

申请日：2022-05-24

Applicant: SAP SE

Inventor： Anselme Tueno ,  Jonas Janneck

IPC: H04L9/00 ,  G06F7/523 ,  G06F21/60 ,  H04L9/32

Abstract: In an example embodiment, a protocol for private set intersection is introduced that provides for two-party computation. Each party has a private data set and both parties want to securely compute the intersection of their sets, such that only the result is revealed and nothing else. Construction rules are provided that rely on the evaluation of a branching program (BP) using a fully homomorphic encryption (FHE) scheme. Using the properties of an FHE scheme, a non-interactive protocol is built with extendable functionalities. Thus, not only can the intersection be securely computed but the result can be used for further secure computations. Furthermore, the communication overhead for practical applications is independent of the server's set size, allowing for easy scalability.

公开(公告)号：US12155754B2

公开(公告)日：2024-11-26

申请号：US17525372

申请日：2021-11-12

Applicant: SAP SE

Inventor： Anselme Tueno ,  Jonas Janneck

IPC: H04L9/32 ,  H04L9/00 ,  H04L9/06 ,  H04L9/08

Abstract: Systems, methods, and computer-readable media are disclosed for secure integer comparison using binary trees. A server may receive a first encrypted input and a public encryption key from a client. The server may create a binary tree representing a second encrypted input. The server may evaluate the first encrypted input on the binary tree. The evaluation may comprise computing decision bits along a plurality of paths of the binary tree. The decision bits may then be aggregated along each path of the binary tree and the aggregation stored at a leaf node of each path. The leaf node of each path may be evaluated to obtain a comparison result. The comparison result may be encrypted with the public encryption key. The server may send the comparison result to the client for decryption. The comparison result may indicate whether the first input was larger than the second input.

公开(公告)号：US11429750B2

公开(公告)日：2022-08-30

申请号：US16988815

申请日：2020-08-10

Applicant: SAP SE

Inventor： Andreas Fischer ,  Jonas Janneck ,  Joern Kussmaul ,  Florian Kerschbaum

IPC: G06F21/53 ,  G06F21/62 ,  G06F21/60 ,  G06F12/14 ,  G06F9/30

Abstract: Provided is a system and method for executing an encrypted software program within a host platform. The execution may be bifurcated among a trusted module and an untrusted area of the host platform. In one example, the method may include receiving bytecode and encrypted data of a software program, decrypting, via a secure memory area, the encrypted data into decrypted data, executing, via the secure memory area, instructions from the bytecode on the decrypted data to generate execution results, encrypting the generated execution results, and transmitting the encrypted execution results to a remote computing device.

公开(公告)号：US11354218B2

公开(公告)日：2022-06-07

申请号：US16867632

申请日：2020-05-06

Applicant: SAP SE

Inventor： Andreas Fischer ,  Jonas Janneck ,  Joern Kussmaul ,  Nikolas Kraetzschmar ,  Florian Kerschbaum

IPC: G06F9/44 ,  G06F11/36 ,  G06F8/71 ,  G06F11/30 ,  G06F21/14 ,  G06F21/55

Abstract: Provided is a system and method for generating a subset of optimal variations of a software program which allow some statements of the control flow to be exposed to side channels. Furthermore, the subset of optimal variations may be selected based on a security and a performance trade-off analysis. In one example, the method may include identifying a set of statements within a control flow of a software program, generating a plurality of variations of the software program which comprise different subsets of statements which are exposed to side channels, respectively, determining one or more pareto-optimal variations of the software program based on side channel leakage values and performance values of the plurality of variations of the software program, and outputting information about the one or more pareto-optimal variations of the software program to a user device.

公开(公告)号：US20230388102A1

公开(公告)日：2023-11-30

申请号：US17752326

申请日：2022-05-24

Applicant: SAP SE

Inventor： Anselme Tueno ,  Jonas Janneck

IPC: H04L9/00 ,  G06F7/523

CPC classification number: H04L9/008 ,  G06F7/523

Abstract: In an example embodiment, a protocol for private set intersection is introduced that provides for two-party computation. Each party has a private data set and both parties want to securely compute the intersection of their sets, such that only the result is revealed and nothing else. Construction rules are provided that rely on the evaluation of a branching program (BP) using a fully homomorphic encryption (FHE) scheme. Using the properties of an FHR scheme, a non-interactive protocol is built with extendable functionalities. Thus, not only can the intersection be securely computed but the result can be used for further secure computations. Furthermore, the communication overhead for practical applications is independent of the server's set size, allowing for easy scalability.

公开(公告)号：US20230155815A1

公开(公告)日：2023-05-18

申请号：US17525372

申请日：2021-11-12

Applicant: SAP SE

Inventor： Anselme Tueno ,  Jonas Janneck

IPC: H04L9/08 ,  H04L9/06 ,  H04L9/00

CPC classification number: H04L9/0836 ,  H04L9/0825 ,  H04L9/0662 ,  H04L9/008

Abstract: Systems, methods, and computer-readable media are disclosed for secure integer comparison using binary trees. A server may receive a first encrypted input and a public encryption key from a client. The server may create a binary tree representing a second encrypted input. The server may evaluate the first encrypted input on the binary tree. The evaluation may comprise computing decision bits along a plurality of paths of the binary tree. The decision bits may then be aggregated along each path of the binary tree and the aggregation stored at a leaf node of each path. The leaf node of each path may be evaluated to obtain a comparison result. The comparison result may be encrypted with the public encryption key. The server may send the comparison result to the client for decryption. The comparison result may indicate whether the first input was larger than the second input.