Abstract: FHE APSI for intersecting a first party's relatively large dataset X and a second party's relatively small dataset Y with SIMD Re-randomization to prevent data leakage. The first party may use SIMD FHE to execute a simultaneous bin-by-bin comparison of the intersection Y ?X. The first party may use SIMD FHE to re-randomize each comparison bin by simultaneously executing cyclical rotations on a plurality of slots in each bin to generate randomized comparison bins. The second party, using a secret SIMD FHE key, may simultaneously decrypt the randomized comparison bins to reveal unencrypted randomized comparison bins each either indicating an all-slot full match or a mismatch, but no combination of partial-slot match and mismatch of the bin-to-bin comparison of X and Y to prevent data leakage.

Abstract: Methods and systems for improving homomorphic encryption include: receiving, by a computing device, a data set from at least two or more computing devices, each data set comprising: a plurality of encrypted identifiers, and a number indicating the number of the plurality of encrypted identifiers; creating, by the computing device, a single data set including each of the received data sets; creating, by the computing device, a common identifier vector that indicates each encrypted identifier in the single data set that has underlying unencrypted data that is the same in more than one of the received data sets; and transmitting, by the computing device, the common identifier vector to each of the at least two or more computing devices.

Abstract: Systems and methods for improving homomorphic encryption are provided. A processor receives an encrypted ciphertext; splits the encrypted ciphertext into a plurality of smaller digits; applies a homomorphic floor function to clear a least significant bit from a current smaller digit; scales down the encrypted ciphertext, using modulus switching, thereby changing the ciphertext modulus to a new modulus; applies a bootstrapping procedure for a sign evaluation function to determine a sign of the scaled down encrypted ciphertext; and transmits the sign with the ciphertext to a server for subsequent use.

Abstract: Systems and methods for distributing bootstrapping in homomorphic encryption schemes include: splitting a decryption key into a plurality of n shares; transmitting to each of a plurality of n computer processors: (i) a ciphertext; (ii) a unique share of the plurality of n shares of the decryption key; and (iii) an indication of a publicly available encryption key; receiving, from each of the plurality of n computer processors, n encrypted values; and computing a homomorphic sum of the n encrypted values to obtain an encryption of the sum of n decrypted values, such that bootstrapping of the encryption is distributed.

Abstract: Systems and methods for cryptography based on 128 bit integers include: receiving a complex input, the input including a 128-bit number; encrypting by: setting an imaginary part of the input to a predetermined value; encrypting the input using a Fourier transform and a scaling factor; adding a first noise and a second noise to the encrypted input, wherein the second noise obfuscates the first noise; and decrypting by: receiving the encrypted input with added first noise and second noise; estimating a standard deviation of the first noise based on an imaginary part of the received encrypted complex input; computing a standard deviation of the second noise based on the standard deviation of the first noise and a predetermined parameter; and decrypting the encrypted message using an inverse Fourier transform, the first noise, and the second noise.

Abstract: A device, system and method for debugging a homomorphically encrypted (HE) program. The HE program comprising real ciphertext data and encrypted operations in the HE space (production mode) may be mapped to an equivalent plaintext program comprising equivalent pseudo-ciphertext data and pseudo-encrypted operations in the unencrypted space (simulation mode). The plaintext program may be executed in a first full pass in simulation model and a sampling of the HE program may be executed in a second partial pass in production mode, the results of which are compared. The HE program and/or mapping may be validated if the results of simulation and production mode match and debugged if the results do not match. An integrated development environment (IDE) may switch among the HE space (production mode), the unencrypted space (simulation mode), and a combination of both HE and unencrypted spaces simultaneously (simultaneous production-simulation mode).

Abstract: Collaborative multiparty homomorphic encryption comprising receiving a linear common public key collaboratively generated by a plurality of parties as a sum of linear public key shares associated with the respective plurality of parties. Each of two ciphertexts may be encrypted with the linear common public key and the two ciphertexts may be combined by a non-linear computation to generate a result ciphertext encrypted by a non-linear public key. The result ciphertext may be re-encrypted with a re-linearization key to swap encryption keys from the non-linear public key to a linear public key. The re-encrypted result ciphertext may be distributed to the plurality of parties to each partially decrypt the re-encrypted result ciphertext by a linear secret key share associated with the party, which in combination fully decrypts the result by a linear common secret key that is a sum of the secret key shares of the respective plurality of parties.

Abstract: An encryption and cryptosystem for fast and efficient searching of ciphertexts. Unencrypted secret data may be transformed into encoded secret data using an injective encoding such that each distinct value of the unencrypted secret data is mapped to a unique index in the encoded secret data. The encoded secret data may be homomorphically encrypted using the homomorphic encryption key to generate secret data ciphertexts. The secret data ciphertexts may be transmitted to an external system for searching the secret data ciphertexts for encoded queries. The encoded queries are encoded by the same injective encoding as the secret data, to directly search only indices of the secret data ciphertexts corresponding to query indices having non-zero query values, to detect if values of the secret data ciphertexts match values of the encoded queries at the query indices, without searching the remaining indices of the secret data ciphertexts.

Abstract: A multi-party system comprising a garbler and an evaluator for interactively executing homomorphic SIMD operations using garbled circuits. The garbler and evaluator may each store a unique share of a shared secret key, a ciphertext, and a shared public key. The garbler and evaluator may each partially decrypt the ciphertext using its key share to generate a unique data share. The garbler may linearize and reduce the size of the unique garbler data share. The garbler may send to the evaluator a garbled circuit, a garbling of the linear unique garbled data share, and garbled potential wires for the evaluator to garble its linear unique evaluator data share by oblivious transfer. The evaluator may evaluate the garbled circuit to execute a SIMD program to combine, in parallel, multiple indices of the linear garbler and evaluator unique data shares to efficiently generate an encrypted result of the garbled circuit.

Abstract: A device, system and method for linking encrypted data sets using common encrypted identifiers in encrypted space. A first and second parties' encrypted data sets may include first and second respective encrypted data and associated first and second respective encrypted identifiers. The first and second encrypted identifiers may be converted into a first and second respective sets of a plurality of elemental identifier components. Each of the plurality of elemental identifier components in each component set characterizes a distinct numeric property of the corresponding converted encrypted identifier. The first and second sets of the plurality of elemental identifier components may be composed, component-by-component, to generate a plurality of component-specific results.

Abstract: An efficient search of a target string by a query string in homomorphically encrypted space. The target string may be encoded by reordering its characters into a plurality of target substrings, each encoding non-sequential characters of the target string separated by a periodic stride K and different target substrings having stride sequences offset relative to each other. The query string may be encoded into a plurality of query substrings, each defining a repeating sequence of a different respective character value in the query string. Each of the substrings may be homomorphically encrypted and hashed. The plurality of hashed encrypted target substrings and plurality of hashed encrypted query substrings may be compared to determine if there is a search result match. A rolling hash may iteratively update the plurality of hashed encrypted target substrings by one target string slot and the comparison may be repeated for each iterative update.

Abstract: A system and method for secure searching in a semi-trusted environment by comparing first and second data (query and target data). A first data provider may map first secret data to a first plurality of tokens using a token codebook, concatenate the first plurality of tokens to generate a first token signature, and homomorphically encrypt the first token signature. A second data provider may map second data to a second plurality of tokens using the token codebook, concatenate the second plurality of tokens to generate a second token signature, and compare the homomorphically encrypted first token signature and an unencrypted or homomorphically encrypted second token signature to generate a homomorphically encrypted comparison. A trusted party may decrypt the homomorphically encrypted comparison, using a secret homomorphic decryption key, to determine if the token signatures match or not respectively indicating the search query is found or not in the target data.

Abstract: A system, method, and non-transitory computer readable storage medium for privacy preserving routing of a data packet. The data packet may comprise a packet header and a data payload; the packet header comprising at least a homomorphically encrypted final destination address of a final destination device. An intermediate routing device may receive the data packet. At the intermediate routing device, in a non-TEE, homomorphic computations may be performed to determine a homomorphically encrypted address of a next intermediate routing device. At the intermediate routing device, in a TEE, one or more secret homomorphic decryption keys may be stored and used to decrypt the homomorphically encrypted address of the next address of the next intermediate routing device. The data packet may be transmitted to the decrypted address of the next intermediate routing device according to an updated packet header with the unencrypted address of the next intermediate routing device in the sequence.

Abstract: Systems and methods for improving homomorphic encryption are provided. A processor receives an encrypted ciphertext; splits the encrypted ciphertext into a plurality of smaller digits; applies a homomorphic floor function to clear a least significant bit from a current smaller digit; scales down the encrypted ciphertext, using modulus switching, thereby changing the ciphertext modulus to a new modulus; applies a bootstrapping procedure for a sign evaluation function to determine a sign of the scaled down encrypted ciphertext; and transmits the sign with the ciphertext to a server for subsequent use.

Abstract: Systems and methods for distributing bootstrapping in homomorphic encryption schemes include: splitting a decryption key into a plurality of n shares; transmitting to each of a plurality of n computer processors: (i) a ciphertext; (ii) a unique share of the plurality of n shares of the decryption key; and (iii) an indication of a publicly available encryption key; receiving, from each of the plurality of n computer processors, n encrypted values; and computing a homomorphic sum of the n encrypted values to obtain an encryption of the sum of n decrypted values, such that bootstrapping of the encryption is distributed.

Abstract: Methods and systems for improving homomorphic encryption include: receiving, by a computing device, a data set from at least two or more computing devices, each data set comprising: a plurality of encrypted identifiers, and a number indicating the number of the plurality of encrypted identifiers; creating, by the computing device, a single data set including each of the received data sets; creating, by the computing device, a common identifier vector that indicates each encrypted identifier in the single data set that has underlying unencrypted data that is the same in more than one of the received data sets; and transmitting, by the computing device, the common identifier vector to each of the at least two or more computing devices.

Abstract: A device, system and method for securely executing recursive computations over encrypted data in a homomorphically encrypted (HE) space. For a recursive algorithm with sequentially dependent recursive iterations, executing the recursive algorithm in parallel by computing multiple recursive iterations simultaneously over multiple parallel execution iterations and not in sequential order. Each parallel execution iteration may compute a partial HE solution of multiple sequential recursive iterations comprising a known HE part and leaves empty a placeholder call slot for an unknown HE part. Placeholder call slots remain empty and are filled at delayed times at a later parallel execution iteration from when the known part of the same HE computation is computed. A final HE solution is computed in fewer multiple parallel execution iterations than the number of sequential recursive iterations, thereby accelerating the recursive algorithm in HE space.

Abstract: Methods and systems for reducing noise in homomorphic multiplication include: receiving a plurality of ciphertexts, each having a corresponding level; receiving data specifying a homomorphic multiplication on two ciphertexts; for two ciphertexts having different levels: adjusting a scaling factor of a first ciphertext so that the respective scaling factors of the two ciphertexts are the same; performing the homomorphic multiplication; and rescaling a result of the homomorphic multiplication; for two ciphertexts having the same level: performing the homomorphic multiplication; rescaling a result of the homomorphic multiplication; and using the scaling factors of the two ciphertexts during a decryption process.

Abstract: Methods and system for risk determination and risk categorization using encrypted data are provided. The risk determination can involve determining an inner product operation between a generalized weight table and an encrypted incidence vector, summing the result of the inner product operation and/or decrypting the results. Method and systems for encrypting data for use in homomorphic risk determination are also provided.

Abstract: Methods and systems for performing an operation on at least one homomorphically encrypted ciphertext, the method include determining, by a computing device, a value that is an initial approximation of a result of the operation on the at least one homomorphically encrypted ciphertext; and iteratively improving, by the computing device, the value using a recurrence relation wherein a number of iterations is determined based on a predetermined accuracy to minimize an approximation error.