Abstract: A method, apparatus and computer program product for homomorphic computation enables secure computation of determinants of a matrix under Fully Homomorphic Encryption (FHE). According to this disclosure, encrypted data that contains the values of a matrix is received at a server. The matrix is separated into at least a first portion, and a second portion. Each portion is configured as a square. A first data vector of ciphertext is computed for the first portion, and a second data vector of ciphertext is computed for the second portion. Under FHE, determinants of the first and second data vectors are computed as Single Instruction Multiple Data (SIMD) operations to generate a set of results. The set of results are then used to compute a determinant of the matrix. The determinant may then be used for FHE-based analytics.

Abstract: Mechanisms are provided for performing a tournament selection process of a computer function. A request is received to execute the computer function on an input vector data structure, where a result of the computer function is provided by executing the tournament selection process. The input vector data structure is received, comprising a plurality of values where each value corresponds to a vector slot. An index vector data structure is received that comprises indices of the vector slots of the input vector. Iteration(s) of the tournament selection process are executed to identify a value in the input vector satisfying a criterion of the computer function. An operation is performed on the index vector data structure to generate an indicator vector data structure that uniquely identifies a slot in the input vector data structure that is a result of the computer function being executed on the input vector data structure.

Abstract: A method and system for evaluating and selecting an optimal packing solution (or solutions) for data that is run through a fully homomorphic encryption (FHE) simulation. In some instances, a user selected model architecture is provided in order to start simulating multiple potential configurations. Additionally, the cost of each simulated configuration is taken into account when determining an optimal packing solution.

Abstract: A computer-implemented method comprising: generating, from a key-seed associated with a user, a set of homomorphic encryption (HE) keys associated with an HE scheme; receiving, from a key management system (KMS) associated with said HE scheme, an encrypted version of said key-seed; storing said encrypted version of said key-seed, and said set of HE keys, in an untrusted storage location; and at a decryption stage, decrypting an encrypted computation result generated using said HE scheme, by: (i) recalling, from said untrusted storage location, said encrypted version of said key-seed, (ii) providing said encrypted version of said key-seed to said KMS, to obtain a decrypted version of said key-seed s associated with said user, (iii) generating, from said received decrypted version of said key-seed, a secret HE key associated with said HE scheme, and (iv) using said secret HE key to decrypt said encrypted computation result.

Abstract: An embodiment expands a polynomial into a plurality of products, each product in the plurality of products comprising a scaling coefficient multiplied by a sub-polynomial, each sub-polynomial comprising a sum of a plurality of addends, wherein a degree of each sub-polynomial is equal to a grouping parameter. An embodiment computes a plurality of ciphertext products, each ciphertext product equal to a ciphertext multiplied by itself a number of times, the number of times ranging from two to the grouping parameter. An embodiment computes, using the ciphertext and the plurality of ciphertext products in place of a variable of the polynomial, each of the plurality of products. An embodiment multiplies the plurality of products together.

Abstract: A method, apparatus and computer program product for privacy-preserving homomorphic inferencing. In response to receipt of encrypted data, a ciphertext of real numbers is generated. Each real number has an associated sign that is desired to be maintained. A mask is then identified, preferably via an iterative algorithm that works on a trial and error basis to locate an appropriate solution. The mask comprises set of values randomly distributed over a given positive range and that remain positive after encoding under a fixed-point arithmetic and with a low scale value. Under homomorphic encryption, the ciphertext is then multiplied by the mask to generate a result comprising values corresponding to the real numbers in the ciphertext and that maintain their associated signs. The result is provided as a response to the encrypted data.

Abstract: A technique for privacy-preserving homomorphic inferencing using a neural network having an activation function, such as a non-linear high-degree polynomial. The network is trained to learn input features of an input feature vector together with their associated inverses. During inferencing, an encrypted data point is received at the network. The data point comprises an input feature vector that has been extended with a set of one or more additional feature values, the set of one or more additional feature values having been generated by applying a normalized inverse function to respective one or more features in the feature vector. Homomorphic inferencing is performed on the encrypted data point using the machine learning model to generate an encrypted result, which is then returned. By applying the normalized inverse function, the high-degree polynomial can use any value of an input feature during inferencing, whether the value is within or outside of a particular input range.

Abstract: An example system includes a processor to receive a ciphertext including an encrypted packed plaintext. The processor can, in response to detecting that a reshape is to be executed for a data structure including the packed ciphertext, identify a target shape for the data structure and execute the reshape based on the identified target shape. The reshape is executed using multiplication by an identity element. The processor can then execute a homomorphic computation using the reshaped data structure.

Abstract: An example system includes a processor to split a graph of operations on tensors into even and odd vertical layers. In response to detecting even-even or odd-odd connections, the processor can fill the even-even or odd-odd connections using a reshape operation. The processor can also initialize outputs on a same layer type with a random packing data structure shape from a first group. The processor can then execute a breadth-first search backward based on a minimum number of shapes per layer.

Abstract: Mechanisms are provided for fully homomorphic encryption enabled graph embedding. An encrypted graph data structure, having encrypted entities and predicates, is received and, for each encrypted entity, a corresponding set of entity ciphertexts is generated based on an initial embedding of entity features. For each encrypted predicate, a corresponding predicate ciphertext is generated based on an initial embedding of predicate features. A machine learning process is iteratively executed, on the sets of entity ciphertexts and the predicate ciphertexts, to update embeddings of the entity features of the encrypted entities and update embeddings of predicate features of the encrypted predicates, to generate a computer model for embedding entities and predicates. A final embedding is output based on the updated embeddings of the entity features and predicate features of the computer model.

Abstract: A method, a neural network, and a computer program product are provided that optimize training of neural networks using homomorphic encrypted elements and dropout algorithms for regularization. The method includes receiving, via an input to the neural network, a training dataset containing samples that are encrypted using homomorphic encryption. The method also includes determining a packing formation and selecting a dropout technique during training of the neural network based on the packing technique. The method further includes starting with a first packing formation from the training dataset, inputting the first packing formation in an iterative or recursive manner into the neural network using the selected dropout technique, with a next packing formation from the training dataset acting as an initial input that is applied to the neural network for a next iteration, until a stopping metric is produced by the neural network.

Abstract: An example system can include a processor to receive a ciphertext including a fully homomorphic encrypted (FHE) time series from a client device. The processor can train an ARIMA model on the ciphertext using an estimated error and approximating polynomials. The processor can generate an encrypted report and send the encrypted report to the client device.

Abstract: An example system includes a processor to mask a ciphertext using four random elements to generate masked ciphertexts. The processor can send the masked ciphertexts to a server device. The processor can receive masked plaintexts from the server device. The processor can unmask the masked plaintexts using the four random elements to generate unmasked plaintexts.

Abstract: A trained neural network is partitioned into a client-side portion and a server-side portion, the client-side portion comprising a first set of layers of the trained neural network, the server-side portion comprising a second set of layers of the trained neural network, the trained neural network trained using a first set of training data. From a homomorphically encrypted intermediate result input to the server-side portion, a homomorphically encrypted output of the trained neural network is computed, the homomorphically encrypted intermediate result comprising a homomorphically encrypted output computed by the client-side portion.

Abstract: Privacy-preserving homomorphic inferencing utilizes batch processing on encrypted data records. Each data record has a private data portion of interest against which the inferencing is carried out. Batch processing is enabled with respect to a set of encrypted data records by techniques that ensure that each encrypted data record has its associated private data portion in a unique location relative to the other data records. The set of encrypted data records are then summed to generate a single encrypted data record against which the inferencing is done. In a first embodiment, the private data portions of interest are selectively and uniquely positioned at runtime (when the inferencing is being applied). In a second embodiment, the private data portions of interest are initially positioned with the data-at-rest, preferably in an off-line process; thereafter, at runtime individual encrypted data records are processed as necessary to adjust the private data portions to unique positions prior to batching.

Abstract: A computer-implemented method comprising: generating, from a key-seed associated with a user, a set of homomorphic encryption (HE) keys associated with an HE scheme; receiving, from a key management system (KMS) associated with said HE scheme, an encrypted version of said key-seed; storing said encrypted version of said key-seed, and said set of HE keys, in an untrusted storage location; and at a decryption stage, decrypting an encrypted computation result generated using said HE scheme, by: (i) recalling, from said untrusted storage location, said encrypted version of said key-seed, (ii) providing said encrypted version of said key-seed to said KMS, to obtain a decrypted version of said key-seed s associated with said user, (iii) generating, from said received decrypted version of said key-seed, a secret HE key associated with said HE scheme, and (iv) using said secret HE key to decrypt said encrypted computation result.

Abstract: Mechanisms are provided for performing a tournament selection process of a computer function. A request is received to execute the computer function on an input vector data structure, where a result of the computer function is provided by executing the tournament selection process. The input vector data structure is received, comprising a plurality of values where each value corresponds to a vector slot. An index vector data structure is received that comprises indices of the vector slots of the input vector. Iteration(s) of the tournament selection process are executed to identify a value in the input vector satisfying a criterion of the computer function. An operation is performed on the index vector data structure to generate an indicator vector data structure that uniquely identifies a slot in the input vector data structure that is a result of the computer function being executed on the input vector data structure.

Abstract: An example system includes a processor to pack a received tensor using a designated packing to generate a number of smaller ciphertexts. The processor can compute a rotation using the number of smaller ciphertexts to simulate a rotation operation on the tensor.

Abstract: A method, apparatus and computer program product for privacy-preserving homomorphic inferencing. In response to receipt of encrypted data, a ciphertext of real numbers is generated. Each real number has an associated sign that is desired to be maintained. A mask is then identified, preferably via an iterative algorithm that works on a trial and error basis to locate an appropriate solution. The mask comprises set of values randomly distributed over a given positive range and that remain positive after encoding under a fixed-point arithmetic and with a low scale value. Under homomorphic encryption, the ciphertext is then multiplied by the mask to generate a result comprising values corresponding to the real numbers in the ciphertext and that maintain their associated signs. The result is provided as a response to the encrypted data.

Abstract: An example system includes a processor that can receive a number of complex packed tensors, wherein each of the complex packed tensors include real numbers encoded as imaginary parts of complex numbers. The processor can execute a single instruction, multiple data (SIMD) operation on the complex packed tensors using an integrated circuit of real and complex packed tensors in a complex domain to generate a result.