Abstract: A secret sharing scheme with yes and no shares and having a hidden access structure. The secret sharing scheme may include share generation in which yes shares and no shares are generated for, and distributed to, each party in the secret sharing scheme. In turn, upon an attempt to reconstruct the secret, participants in the reconstruction each provide a share, which is unknown to be a yes share or a no share to the other participants. The secret is only reconstructable if the shares used in the reconstruction include yes shares of a minimal authorized subset of the parties. However, prior to secret reconstruction, the access structure remains hidden and the participants in a reconstruction are unaware of the character of the shares provided by other participants in the reconstruction attempt.

Abstract: A function is decomposed into a plurality of function shares. The function returns a Boolean result based on whether an input y satisfies a query on a data set. The function shares hide the function from non-collaborating entities that separately execute the function shares. Each of the functions shares are sent to one of a plurality of servers having a same data set. The function shares are executed on the data set at the servers to obtain a respective plurality of shares. A conditional disclosure of secrets operation is simulated on the shares and the input y. The conditional disclosure of secrets operation uses a secret known to at least one of the servers, and further uses a source of randomness shared between the servers. A Boolean value corresponding to the Boolean result is returned based on the conditional disclosure of secrets operation returning the secret.

Abstract: A function secret sharing (FSS) scheme that facilitates multiple evaluations of a secret function. The FSS scheme includes a function share based on a secret function and at least one key of a key-homomorphic pseudo random function (PRF). At least one key and a function share are provided to each party in the FSS scheme. In turn, each party may generate an output share comprising a function share output evaluated at a function input and a masking component generated based on the at least one key in relation to the key-homomorphic PRF. In turn, the output shares of each participating party may be combined to evaluate the secret function. The FSS scheme facilitates multiple evaluations of the secret function without leaking information regarding the secret function.

Abstract: Cryptographic sharing of a cryptographic secret among multiple parties provides a share of the cryptographic secret is generated for each party. Multiple threshold access structure tokens are generated for each party of the multiple parties. The threshold access structure tokens are generated for a party from one or more random token polynomials selected from a finite field based on the numbers of the multiple parties capable of attempting to reconstruct the cryptographic secret. The share of the cryptographic secret and the multiple threshold access structure tokens generated for each party are distributed to the corresponding party. At least a threshold number of the parties can reconstruct the cryptographic secret using the shares of the cryptographic secret and threshold access structure tokens corresponding to at least a threshold number of the parties attempting to reconstruct the cryptographic secret while less than the threshold number of parties cannot reconstruct the cryptographic secret.

Abstract: A method includes receiving, in a data storage device, a request from a client computer for a portion of ciphertext stored in the data storage device, and providing, by a controller of the data storage device, the portion of the ciphertext to the client computer. The method also includes receiving, in the data storage device, an update token generated by the client computer from the portion of the ciphertext. The method further includes performing, by the controller of the data storage device, re-encryption of the ciphertext using the update token.

Abstract: In one implementation, the disclosure provides systems and methods for a multi-party secret sharing protocol that is device specific in that the secret matrix used herein is tied to individual computing devices.

Abstract: A function secret sharing (FSS) scheme that facilitates multiple evaluations of a secret function. The FSS scheme includes a function share based on a secret function and at least one key of a key-homomorphic pseudo random function (PRF). At least one key and a function share are provided to each party in the FSS scheme. In turn, each party may generate an output share comprising a function share output evaluated at a function input and a masking component generated based on the at least one key in relation to the key-homomorphic PRF. In turn, the output shares of each participating party may be combined to evaluate the secret function. The FSS scheme facilitates multiple evaluations of the secret function without leaking information regarding the secret function.

Abstract: Polynomial function secret sharing provides for computation of reconstruction share results for a polynomial function on an input. An allocatable share of the polynomial function is received at a computing system of the share result computation systems. The allocatable share is generated from the polynomial function. Each of the allocatable shares is distributed to a unique share result computation system of the share result computation systems. Each allocatable share includes a share element for each coefficient in the polynomial function, wherein the share elements for a coefficient across the share result computation systems summing to the coefficient. A reconstruction share result is generated at the computing system by computing a dot product of the input and the allocatable share received by the computing system. A combination of the reconstruction share results generated by the share result computation systems yields a reconstructed result of the polynomial function on the input.

Abstract: A homomorphic encryption system evaluates homomorphically encrypted data, including receiving ciphertext input homomorphically encrypted from a plaintext input using a set-system including sets having an intersection property. An arithmetic function is evaluated on the ciphertext input to generate a ciphertext output, the arithmetic function including one or more additive gates and one or more multiplicative gates, wherein the evaluating operation generates errors during evaluation of the arithmetic function and the intersection property of the sets cancel out the errors during the evaluating operation. The ciphertext output is transmitted for homomorphic decryption to generate a plaintext result.

Abstract: A homomorphic encryption system receives a ciphertext output of an arithmetic evaluation function. The arithmetic evaluation function is performed on a ciphertext input homomorphically encrypted from a plaintext input using a set-system including sets having an intersection property. The ciphertext output is decrypted using a summation of two or more noise-canceling party identifiers of two or more authorized parties, wherein the intersection property of the sets cancels out errors generated during the decrypting operation for the two or more authorized parties.

Abstract: A function is decomposed into a plurality of function shares. The function returns a Boolean result based on whether an input y satisfies a query on a data set. The function shares hide the function from non-collaborating entities that separately execute the function shares. Each of the functions shares are sent to one of a plurality of servers having a same data set. The function shares are executed on the data set at the servers to obtain a respective plurality of shares. A conditional disclosure of secrets operation is simulated on the shares and the input y. The conditional disclosure of secrets operation uses a secret known to at least one of the servers, and further uses a source of randomness shared between the servers. A Boolean value corresponding to the Boolean result is returned based on the conditional disclosure of secrets operation returning the secret.

Abstract: A secret sharing scheme with yes and no shares and having a hidden access structure. The secret sharing scheme may include share generation in which yes shares and no shares are generated for, and distributed to, each party in the secret sharing scheme. In turn, upon an attempt to reconstruct the secret, participants in the reconstruction each provide a share, which is unknown to be a yes share or a no share to the other participants. The secret is only reconstructable if the shares used in the reconstruction include yes shares of a minimal authorized subset of the parties. However, prior to secret reconstruction, the access structure remains hidden and the participants in a reconstruction are unaware of the character of the shares provided by other participants in the reconstruction attempt.

Abstract: A method includes receiving, in a data storage device, a request from a client computer for a portion of ciphertext stored in the data storage device, and providing, by a controller of the data storage device, the portion of the ciphertext to the client computer. The method also includes receiving, in the data storage device, an update token generated by the client computer from the portion of the ciphertext. The method further includes performing, by the controller of the data storage device, re-encryption of the ciphertext using the update token.

Abstract: A homomorphic encryption system receives a ciphertext output of an arithmetic evaluation function. The arithmetic evaluation function is performed on a ciphertext input homomorphically encrypted from a plaintext input using a set-system including sets having an intersection property. The ciphertext output is decrypted using a summation of two or more noise-canceling party identifiers of two or more authorized parties, wherein the intersection property of the sets cancels out errors generated during the decrypting operation for the two or more authorized parties.

Abstract: A homomorphic encryption system evaluates homomorphically encrypted data, including receiving ciphertext input homomorphically encrypted from a plaintext input using a set-system including sets having an intersection property. An arithmetic function is evaluated on the ciphertext input to generate a ciphertext output, the arithmetic function including one or more additive gates and one or more multiplicative gates, wherein the evaluating operation generates errors during evaluation of the arithmetic function and the intersection property of the sets cancel out the errors during the evaluating operation. The ciphertext output is transmitted for homomorphic decryption to generate a plaintext result.

Abstract: A layered secret sharing scheme in which a trust set of each of the parties receiving a share of the secret is received and used to generate an authorized set and an adversary set for reconstruction of a secret. In this regard, an access structure defining an authorized subset of participants may be based, at least in part, on the encoded trust subsets of the shares. The secret sharing scheme includes a secret generator that generates the shares distributed to the parties. In turn, an authorized subset of participants as defined by the access structure may provide shares to a dealer for reconstruction of the secret. However, if the participants requesting secret reconstruction are not an authorized subset of participants or if participants define an adversary subset, the secret reconstruction fails. In this regard, even if an authorized subset is present, if an adversary subset is present, the reconstruction may be “killed.

Abstract: A secret sharing scheme in which a trust structure of the parties receiving a share of the secret is encoded in the shares. In this regard, an access structure defining an authorized set of participants may be based, at least in part, on the encoded trust structures. The secret sharing scheme includes a secret generator that generates the shares distributed to the parties. In turn, an authorized set of participants as defined by the access structure may provide shares to a dealer for reconstruction of the secret. However, if the participants requesting secret reconstruction are not an authorized set of participants, the secret reconstruction fails. In this regard, secret sharing with asymmetrical trust structures may be provided in which the trust structures are not known by other parties in the scheme.

Abstract: A method and apparatus for private information retrieval from a database, wherein the retrieval includes providing a covering vector for a plurality of database entries of the database. The covering vector is defined such that an inner product of the covering vector is zero with more than one member of a covering vector family that includes the covering vector. The retrieval includes generating database queries based on the covering vector and transmitting the database queries to at least two servers. An identical copy of the database may be stored on each of the at least two servers. Shares are received in response to the query, and these shares are aggregated, and a reconstruction algorithm executes to reconstruct the query results.

Abstract: A secret sharing scheme in which a trust structure of the parties receiving a share of the secret is encoded in the shares. In this regard, an access structure defining an authorized set of participants may be based, at least in part, on the encoded trust structures. The secret sharing scheme includes a secret generator that generates the shares distributed to the parties. In turn, an authorized set of participants as defined by the access structure may provide shares to a dealer for reconstruction of the secret. However, if the participants requesting secret reconstruction are not an authorized set of participants, the secret reconstruction fails. In this regard, secret sharing with asymmetrical trust structures may be provided in which the trust structures are not known by other parties in the scheme.

Abstract: A layered secret sharing scheme in which a trust set of each of the parties receiving a share of the secret is received and used to generate an authorized set and an adversary set for reconstruction of a secret. In this regard, an access structure defining an authorized subset of participants may be based, at least in part, on the encoded trust subsets of the shares. The secret sharing scheme includes a secret generator that generates the shares distributed to the parties. In turn, an authorized subset of participants as defined by the access structure may provide shares to a dealer for reconstruction of the secret. However, if the participants requesting secret reconstruction are not an authorized subset of participants or if participants define an adversary subset, the secret reconstruction fails. In this regard, even if an authorized subset is present, if an adversary subset is present, the reconstruction may be “killed.