Abstract: Systems, methods and devices for validating and performing operations on homomorphically encrypted data are described herein. The methods include securely transmitting and extracting information from encrypted data without fully decrypting the data. A data request may include an encrypted portion including a set of confidential data. One or more sets of encrypted comparison data may be then retrieved from a database in response to the data request. The encrypted set of confidential data from the data request is then compared with each set of encrypted comparison data using one or more homomorphic operations to determine which set of encrypted comparison data matches the encrypted set of confidential data. If there is a match, this validates the set of confidential data. An encrypted indicator is then generated indicating success or failure in validating the set of confidential data, which may then be forwarded to a party associated with the data request.

Abstract: A system and method of validating and performing operations on homomorphically encrypted data are described herein. The methods include processing a secure financial transaction by receiving a transaction request to complete a financial transaction, with at least a portion of the request encrypted according to a homomorphic encryption scheme, and the transaction request comprising confidential cardholder data including an account number, non-confidential cardholder data, and transaction data, and retrieving one or more sets of encrypted comparison cardholder data encrypted according to a homomorphic encryption scheme. The confidential cardholder data is then compared to each set of the comparison cardholder data using one or more homomorphic operations to determine which set of comparison cardholder data matches the confidential cardholder data and validating the confidential cardholder data.

Abstract: Provided is a system and method for hybrid windowing for string-matching of input patterns to a corpus. The method including: establishing a first window size and a hash function; performing hashing on input patterns having a size within a given range using dynamic-sized windows to determine a dynamic-windowed hash set, the given range established using the first window size; performing hashing on input patterns having a size outside the given range using fixed-sized windows to determine a fixed-windowed hash set; combining the dynamic-windowed hash set and the fixed-windowed hash set to determine a combined hash set; and outputting the combined hash set for use in the confidential string-matching.

Abstract: Provided is a system and method for confidential repository searching. The method executed on a first computing device and includes: receiving an encrypted query term from the second computing device; searching the encrypted data repository by determining one or more matches of the encrypted query term to data in the encrypted data repository; communicating the one or more matches to the second computing device; receiving associative data from the second computing device, the associative data associated with data in the encrypted data repository that is to be retrieved and associated with one of the one or more matches; retrieving the encrypted data in the encrypted data repository associated with the received associative data; and communicating the retrieved encrypted data to the second computing device.

Abstract: Provided is a system and method for confidential repository searching. The method executed on a first computing device and includes: receiving an encrypted query term from the second computing device; searching the encrypted data repository by determining one or more matches of the encrypted query term to data in the encrypted data repository; communicating the one or more matches to the second computing device; receiving associative data from the second computing device, the associative data associated with data in the encrypted data repository that is to be retrieved and associated with one of the one or more matches; retrieving the encrypted data in the encrypted data repository associated with the received associative data; and communicating the retrieved encrypted data to the second computing device.

Abstract: Fully homomorphic encryption integrated circuit (IC) chips, systems and associated methods are disclosed. In one embodiment, a method of operation for a number theoretic transform (NTT) butterfly circuit is disclosed. The (NTT) butterfly circuit includes a high input word path cross-coupled with a low word path. The high input word path includes a first adder/subtractor, and a first multiplier. The low input word path includes a second adder/subtractor, and a second multiplier. The method includes selectively bypassing the second adder/subtractor and the second multiplier, and reconfiguring the low and high input word paths into different logic processing units in response to different mode control signals.

Abstract: Remote terminals are configured to generate ciphertexts from plaintext polynomials. Each ciphertext corresponds to a plaintext polynomial bound to a message space of a polynomial-based fully homomorphic cryptographic scheme. At least one server is configured to receive ciphertexts via a network from the plurality of remote terminals. The server performs a multiplication operation and an addition operation on the ciphertexts to obtain resultant ciphertexts. The multiplication operation includes performing a bitwise decomposition function on a ciphertext to obtain a bitwise decomposed ciphertext. The bitwise decomposition function maps a multi-bit data type to a sequence of bits. The multiplication operation further includes performing matrix multiplication on the bitwise decomposed ciphertext and a data element belonging to a set of data elements. Message filters, data search engines, and other applications are discussed.

Abstract: Provided is a system and method for confidential string-matching and confidential deep-packet inspection. The method includes: receiving encrypted ciphertexts from a first computing device; windowing a text corpus and applying a hash; performing binning and splitting on the corpus set of hashes; performing batching on the binned and split corpus set of hashes; determining match ciphertexts by evaluating a homomorphic encryption circuit between the encrypted ciphertexts and the batched corpus set of hashes; and communicating the match ciphertexts to the first computing device, the confidential string matching determinable by the first computing device by: decrypting the match ciphertexts, determining from the decryption output, if the hash value for each pattern window matches the hash value for any corpus windows and if the matched windows are adjacent in the corpus.

Abstract: Provided is a system and method for hybrid windowing for string-matching of input patterns to a corpus. The method including: establishing a first window size and a hash function; performing hashing on input patterns having a size within a given range using dynamic-sized windows to determine a dynamic-windowed hash set, the given range established using the first window size; performing hashing on input patterns having a size outside the given range using fixed-sized windows to determine a fixed-windowed hash set; combining the dynamic-windowed hash set and the fixed-windowed hash set to determine a combined hash set; and outputting the combined hash set for use in the confidential string-matching.

Abstract: Fully homomorphic encryption integrated circuit (IC) chips, systems and associated methods are disclosed. In one embodiment, a method of operation for a number theoretic transform (NTT) butterfly circuit is disclosed. The (NTT) butterfly circuit includes a high input word path cross-coupled with a low word path. The high input word path includes a first adder/subtractor, and a first multiplier. The low input word path includes a second adder/subtractor, and a second multiplier. The method includes selectively bypassing the second adder/subtractor and the second multiplier, and reconfiguring the low and high input word paths into different logic processing units in response to different mode control signals.

Abstract: Fully homomorphic encryption integrated circuit (IC) chips, systems and associated methods are disclosed. In one embodiment, a method of operation for a number theoretic transform (NTT) butterfly circuit is disclosed. The (NTT) butterfly circuit includes a high input word path cross-coupled with a low word path. The high input word path includes a first adder/subtractor, and a first multiplier. The low input word path includes a second adder/subtractor, and a second multiplier. The method includes selectively bypassing the second adder/subtractor and the second multiplier, and reconfiguring the low and high input word paths into different logic processing units in response to different mode control signals.

Abstract: The present disclosure relates generally to homomorphic encryption, and specifically to using homomorphic encryption for secure information storage, transfer and computing. Described are systems for governing information transfers and systems for secure financial processing that include a hardware security module configured to generate a public key and a corresponding private key, homomorphically re-encrypt a set of confidential information into an encrypted information package, and make the encrypted information package available to be communicated.

Abstract: Systems, methods and devices for validating and performing operations on homomorphically encrypted data are described herein. The methods include securely transmitting and extracting information from encrypted data without fully decrypting the data. A data request may include an encrypted portion including a set of confidential data. One or more sets of encrypted comparison data may be then retrieved from a database in response to the data request. The encrypted set of confidential data from the data request is then compared with each set of encrypted comparison data using one or more homomorphic operations to determine which set of encrypted comparison data matches the encrypted set of confidential data. If there is a match, this validates the set of confidential data. An encrypted indicator is then generated indicating success or failure in validating the set of confidential data, which may then be forwarded to a party associated with the data request.

Abstract: Systems, methods and devices for validating and performing operations on homomorphically encrypted data are described herein. The methods include securely transmitting and extracting information from encrypted data without fully decrypting the data. A data request may include an encrypted portion including a set of confidential data. One or more sets of encrypted comparison data may be then retrieved from a database in response to the data request. The encrypted set of confidential data from the data request is then compared with each set of encrypted comparison data using one or more homomorphic operations to determine which set of encrypted comparison data matches the encrypted set of confidential data. If there is a match, this validates the set of confidential data. An encrypted indicator is then generated indicating success or failure in validating the set of confidential data, which may then be forwarded to a party associated with the data request.

Abstract: Provided is a system and method for confidential string-matching and confidential deep-packet inspection. The method includes: receiving encrypted ciphertexts from a first computing device; windowing a text corpus and applying a hash; performing binning and splitting on the corpus set of hashes; performing batching on the binned and split corpus set of hashes; determining match ciphertexts by evaluating a homomorphic encryption circuit between the encrypted ciphertexts and the batched corpus set of hashes; and communicating the match ciphertexts to the first computing device, the confidential string matching determinable by the first computing device by: decrypting the match ciphertexts, determining from the decryption output, if the hash value for each pattern window matches the hash value for any corpus windows and if the matched windows are adjacent in the corpus.

Abstract: Provided is a system and method for confidential string-matching and confidential deep-packet inspection. The method includes: receiving encrypted ciphertexts from a first computing device; windowing a text corpus and applying a hash; performing binning and splitting on the corpus set of hashes; performing batching on the binned and split corpus set of hashes; determining match ciphertexts by evaluating a homomorphic encryption circuit between the encrypted ciphertexts and the batched corpus set of hashes; and communicating the match ciphertexts to the first computing device, the confidential string matching determinable by the first computing device by: decrypting the match ciphertexts, determining from the decryption output, if the hash value for each pattern window matches the hash value for any corpus windows and if the matched windows are adjacent in the corpus.

Abstract: Remote terminals are configured to generate ciphertexts from plaintext polynomials. Each ciphertext corresponds to a plaintext polynomial bound to a message space of a polynomial-based fully homomorphic cryptographic scheme. At least one server is configured to receive ciphertexts via a network from the plurality of remote terminals. The server performs a multiplication operation and an addition operation on the ciphertexts to obtain resultant ciphertexts. The multiplication operation includes performing a bitwise decomposition function on a ciphertext to obtain a bitwise decomposed ciphertext. The bitwise decomposition function maps a multi-bit data type to a sequence of bits. The multiplication operation further includes performing matrix multiplication on the bitwise decomposed ciphertext and a data element belonging to a set of data elements. Message filters, data search engines, and other applications are discussed.

Abstract: Fully homomorphic encryption integrated circuit (IC) chips, systems and associated methods are disclosed. In one embodiment, a method of operation for a number theoretic transform (NTT) butterfly circuit is disclosed. The (NTT) butterfly circuit includes a high input word path cross-coupled with a low word path. The high input word path includes a first adder/subtractor, and a first multiplier. The low input word path includes a second adder/subtractor, and a second multiplier. The method includes selectively bypassing the second adder/subtractor and the second multiplier, and reconfiguring the low and high input word paths into different logic processing units in response to different mode control signals.

Abstract: Remote terminals are configured to generate ciphertexts from plaintext polynomials. Each ciphertext corresponds to a plaintext polynomial bound to a message space of a polynomial-based fully homomorphic cryptographic scheme. At least one server is configured to receive ciphertexts via a network from the plurality of remote terminals. The server performs a multiplication operation and an addition operation on the ciphertexts to obtain resultant ciphertexts. The multiplication operation includes performing a bitwise decomposition function on a ciphertext to obtain a bitwise decomposed ciphertext. The bitwise decomposition function maps a multi-bit data type to a sequence of bits. The multiplication operation further includes performing matrix multiplication on the bitwise decomposed ciphertext and a data element belonging to a set of data elements. Message filters, data search engines, and other applications are discussed.

Abstract: Fully homomorphic encryption integrated circuit (IC) chips, systems and associated methods are disclosed. In one embodiment, a method of operation for a number theoretic transform (NTT) butterfly circuit is disclosed. The (NTT) butterfly circuit includes a high input word path cross-coupled with a low word path. The high input word path includes a first adder/subtractor, and a first multiplier. The low input word path includes a second adder/subtractor, and a second multiplier. The method includes selectively bypassing the second adder/subtractor and the second multiplier, and reconfiguring the low and high input word paths into different logic processing units in response to different mode control signals.