Abstract: Embodiments described herein enable at least one of a plurality of entities to access data protected by a security policy in response to validating respective digital access requests from the entities. The respective digital access requests are received, each comprising a proof. For each request, an encrypted secret share is obtained from a respective ledger database. Each request is validated based at least on the respective encrypted secret share and the proof, without decrypting the respective encrypted secret share. In response to validating all of the requests, a verification that an access criteria of a security policy is met is made. If so, at least one of the entities is provided with access to data protected by the security policy. In an aspect, embodiments enable a blind subpoena to be performed. In another aspect, embodiments enable the at least one entity to access the data for an isolated purpose.

Abstract: An access control system is disclosed for controlling access to a resource. A request is received by a location attribute policy (LAP) server to access an encrypted resource. The LAP server accesses a resource policy that identifies requirements for granting access to the encrypted resource, such as a list of attributes of the requestor that are required and a dynamic attribute requirement of the requestor. The LAP server receives a cryptographic proof from the computing device that the requestor possesses the attributes and validates the proof based at least on information obtained from a trusted ledger. Once the proof is validated, the LAP server provides a shared secret associated with the dynamic attribute requirement to a decryption algorithm. The decryption algorithm uses the dynamic attribute shared secret in combination with one or more attribute shared secrets from the requestor to generate a decryption key for the encrypted resource.

Abstract: Verifiable attribute maps that maintain references to identities and attribute information associated with the identities are disclosed. A verifiable attribute map is maintained by a ledger database that provides tamper-resistant/evident capabilities for tables (comprising the map) thereof. For instance, when a materialized view of the database is generated, the database provides a digest representative of a state thereof to computing devices that access the map for the attribute information. When the database receives a request from a device to access the map, the digest is received along therewith. The database is validated based on the digest to determine whether the database has been tampered with since the provision of the digest. Responsive to a successful validation, the database provides access in accordance with the request. When attribute information in the map is updated, the database subsequently generates a new digest, which is provided to the computing device.

Abstract: A decryption key is recovered that is utilized to decrypt an encrypted resource. One or more location attribute policy (LAP) servers determine whether a user attempting to access a resource has the necessary attributes to access the resource and is in a valid location in which the user is required to be to access the resource. The attributes and location are defined by a policy assigned to the resource. To verify that the user has the required attributes, the LAP server(s) request a cryptographic proof from the user that proves that the user has the required attributes. Upon validating the proof, a first portion of the decryption key is released. The LAP server(s) release a second portion of the decryption key after verifying that the user is in the required location. The LAP server(s) generate the decryption key based on the released portions.

Abstract: Embodiments described herein are directed to a verifiable identity map that maintains identities and public keys associated with the identities. The map is maintained by a ledger database that provides tamper-resistant/evident capabilities for tables (comprising the map) thereof. For instance, when a materialized view of the database is generated, the database provides a digest representative of a state thereof to computing devices that access the map for the keys. When the database receives a request from a device to access the map, the digest is received along therewith. The database is validated based on the digest to determine whether the database has been tampered with since the provision of the digest. Responsive to a successful validation, the database provides access in accordance with the request. When a key in the map is updated, the database subsequently generates a new digest, which is provided to the computing device.

Abstract: A secure inference over Deep Neural Networks (DNNs) using secure two-party computation to perform privacy-preserving machine learning. The secure inference uses a particular type of comparison that can be used as a building block for various layers in the DNN including, for example, ReLU activations and divisions. The comparison securely computes a Boolean share of a bit representing whether input value x is less than input value y, where x is held by a user of the DNN, and where y is held by a provider of the DNN. Each party computing system parses their input into leaf strings of multiple bits. This is much more efficient than if the leaf strings were individual bits. Accordingly, the secure inference described herein is more readily adapted for using in complex DNNs.

Abstract: A system includes a set of low resource devices, each configured to receive transactions to be added to an encrypted block chain ledger from a sample of untrusted high resource devices, prepare a proposed block of the received transactions, provide the proposed block to the sample of untrusted high resource devices, receive proposed blocks from the untrusted high resource devices originating from the set of low resource devices. The low resource devices run a consensus protocol to select one proposed block to add to the encrypted block chain ledger stored on the untrusted high resource devices.

Abstract: A system includes a set of low resource devices, each configured to receive transactions to be added to an encrypted block chain ledger from a sample of untrusted high resource devices, prepare a proposed block of the received transactions, provide the proposed block to the sample of untrusted high resource devices, receive proposed blocks from the untrusted high resource devices originating from the set of low resource devices. The low resource devices run a consensus protocol to select one proposed block to add to the encrypted block chain ledger stored on the untrusted high resource devices.

Abstract: In some embodiments, an encryption system secures data using a homomorphic encryption. The encryption system encrypts a number by encrypting a number identifier of the number and combining the number and the encrypted number identifier using a mathematical operation to generate an encrypted number. The encrypted numbers may be stored at a server system along with their number identifiers. The server system can then generate an aggregation (e.g., sum) of the encrypted numbers and provide the aggregation, the encrypted numbers, and the number identifiers. The encryption system can then separate the aggregation of the numbers from the aggregation of the encrypted numbers using an inverse of the mathematical operation used in the encryption to effect removal of an aggregation of the encrypted number identifiers of the numbers from the aggregation of the encrypted numbers. The separated aggregation of the numbers is an aggregation of the plurality of the numbers.

Abstract: Systems and methods for private deep neural network training are disclosed. Method includes storing first private values at first machine and second private values at second machine; providing, to third machine, first share of first private values and first share of second private values; providing, to fourth machine, second share of first private values and second share of second private values; computing, at third machine, third machine-value based on first share of first private values and first share of second private values; computing, at fourth machine, fourth machine-value based on second share of first private values and second share of second private values; providing, to first machine and second machine, third machine-value and fourth machine-value; and computing, at first machine, a mathematical function of first private values and second private values, mathematical function being computed based on first private values stored at first machine, third machine-value, and fourth machine-value.

Abstract: Concepts and technologies are disclosed herein for filtering network traffic using protected filtering mechanisms. An indication that traffic is to be filtered can be received, and a hash key, a signature representation, and an obfuscated signature can be identified or generated. The hash key and the signature representation can be provided to a first device without exposing the contents of the signature to the second device, and the obfuscated signature can be provided to a second device without exposing the contents of the signature to the second device. The first device and the second device can execute independent operations to collectively determine if the traffic is to be filtered.

Abstract: Systems and methods for private deep neural network training are disclosed. Method includes storing first private values at first machine and second private values at second machine; providing, to third machine, first share of first private values and first share of second private values; providing, to fourth machine, second share of first private values and second share of second private values; computing, at third machine, third machine-value based on first share of first private values and first share of second private values; computing, at fourth machine, fourth machine-value based on second share of first private values and second share of second private values; providing, to first machine and second machine, third machine-value and fourth machine-value; and computing, at first machine, a mathematical function of first private values and second private values, mathematical function being computed based on first private values stored at first machine, third machine-value, and fourth machine-value.

Abstract: A device establishes a key recovery policy and generates a key that is protected based on the key recovery policy. The key recovery policy indicates which combinations of other entities can recover the protected key. The device generates different shares of the protected key, each share being a value that, in combination with the other share(s), allows the protected key to be recovered. Each share is associated with a particular leaf agent, the device encrypts each share with the public key of the leaf agent associated with the share and provides the encrypted share to a service. When recovery of the protected key is desired, a recovering authority can generate the protected key only if the recovering authority receives decrypted shares from a sufficient one or combination of leaf agents as indicated by the recovery policy.

Abstract: An encryption system stores encrypted values for aggregation is provided. The encryption system accesses an input set with input values. For each distinct value in the input set of input values, the encryption system generates an output set with an encrypted output value corresponding to each input value. The encryption system sets the encrypted output value for a corresponding input value to an encryption of an indicator of a match when the corresponding input value is the same as that distinct value. Otherwise, the encryption sets the encrypted output value for the corresponding input value to an encryption of an indicator of no match. The encrypted output values can then be aggregated to generate an encrypted aggregation based on input values that match, and the encrypted aggregation can be decrypted to generated a decrypted aggregation based on the input values that match.

Abstract: A device establishes a key recovery policy and generates a key that is protected based on the key recovery policy. The key recovery policy indicates which combinations of other entities can recover the protected key. The device generates different shares of the protected key, each share being a value that, in combination with the other share(s), allows the protected key to be recovered. Each share is associated with a particular leaf agent, the device encrypts each share with the public key of the leaf agent associated with the share and provides the encrypted share to a service. When recovery of the protected key is desired, a recovering authority can generate the protected key only if the recovering authority receives decrypted shares from a sufficient one or combination of leaf agents as indicated by the recovery policy.

Abstract: Concepts and technologies are disclosed herein for filtering network traffic using protected filtering mechanisms. An indication that traffic is to be filtered can be received, and a hash key, a signature representation, and an obfuscated signature can be identified or generated. The hash key and the signature representation can be provided to a first device without exposing the contents of the signature to the second device, and the obfuscated signature can be provided to a second device without exposing the contents of the signature to the second device. The first device and the second device can execute independent operations to collectively determine if the traffic is to be filtered.

Abstract: Concepts and technologies are disclosed herein for filtering network traffic using protected filtering mechanisms. An indication that traffic is to be filtered can be received, and a hash key, a signature representation, and an obfuscated signature can be identified or generated. The hash key and the signature representation can be provided to a first device without exposing the contents of the signature to the second device, and the obfuscated signature can be provided to a second device without exposing the contents of the signature to the second device. The first device and the second device can execute independent operations to collectively determine if the traffic is to be filtered.

Abstract: An encryption system stores encrypted values for aggregation is provided. The encryption system accesses an input set with input values. For each distinct value in the input set of input values, the encryption system generates an output set with an encrypted output value corresponding to each input value. The encryption system sets the encrypted output value for a corresponding input value to an encryption of an indicator of a match when the corresponding input value is the same as that distinct value. Otherwise, the encryption sets the encrypted output value for the corresponding input value to an encryption of an indicator of no match. The encrypted output values can then be aggregated to generate an encrypted aggregation based on input values that match, and the encrypted aggregation can be decrypted to generated a decrypted aggregation based on the input values that match.

Abstract: In some embodiments, an encryption system secures data using a homomorphic encryption. The encryption system encrypts a number by encrypting a number identifier of the number and combining the number and the encrypted number identifier using a mathematical operation to generate an encrypted number. The encrypted numbers may be stored at a server system along with their number identifiers. The server system can then generate an aggregation (e.g., sum) of the encrypted numbers and provide the aggregation, the encrypted numbers, and the number identifiers. The encryption system can then separate the aggregation of the numbers from the aggregation of the encrypted numbers using an inverse of the mathematical operation used in the encryption to effect removal of an aggregation of the encrypted number identifiers of the numbers from the aggregation of the encrypted numbers. The separated aggregation of the numbers is an aggregation of the plurality of the numbers.

Abstract: Concepts and technologies are disclosed herein for filtering network traffic using protected filtering mechanisms. An indication that traffic is to be filtered can be received, and a hash key, a signature representation, and an obfuscated signature can be identified or generated. The hash key and the signature representation can be provided to a first device without exposing the contents of the signature to the second device, and the obfuscated signature can be provided to a second device without exposing the contents of the signature to the second device. The first device and the second device can execute independent operations to collectively determine if the traffic is to be filtered.