Abstract: Embodiments of the present invention provide systems, methods, and computer storage media directed to optimizing the generation, evaluation, and selection of tensor circuit specifications for a tensor circuit to perform homomorphic encryption operations on encrypted data. A computing device having an improved compiler and runtime configuration can obtain a tensor circuit and associated schema. The computing device can map the obtained tensor circuit to an equivalent tensor circuit, adapted to perform fully homomorphic encryption (FHE) operations, and instantiated based on the obtained associated scheme. The computing device can then monitor a flow of data through the equivalent FHE-adapted tensor circuit utilizing various tensor circuit specifications determined therefor.

Abstract: Embodiments of the present invention provide systems, methods, and computer storage media directed to optimizing the generation, evaluation, and selection of tensor circuit specifications for a tensor circuit to perform homomorphic encryption operations on encrypted data. A computing device having an improved compiler and runtime configuration can obtain a tensor circuit and associated schema. The computing device can map the obtained tensor circuit to an equivalent tensor circuit, adapted to perform fully homomorphic encryption (FHE) operations, and instantiated based on the obtained associated scheme. The computing device can then monitor a flow of data through the equivalent FHE-adapted tensor circuit utilizing various tensor circuit specifications determined therefor.

Abstract: The techniques and/or systems described herein are directed to improvements in genomic prediction using homomorphic encryption. For example, a genomic model can be generated by a prediction service provider to predict a risk of a disease or a presence of genetic traits. Genomic data corresponding to a genetic profile of an individual can be batch encoded into a plurality of polynomials, homomorphically encrypted, and provided to a service provider for evaluation. The genomic model can be batch encoded as well, and the genetic prediction may be determined by evaluating a dot product of the genomic model data the genomic data. A genomic prediction result value can be provided to a computing device associated with a user for subsequent decrypting and decoding. Homomorphic encoding and encryption can be used such that the genomic data may be applied to the prediction model and a result can be obtained without revealing any information about the model, the genomic data, or any genomic prediction.

Abstract: The techniques and/or systems described herein are directed to improvements in homomorphic encryption to improve processing speed and storage requirements. For example, the techniques and/or systems can be used on a client device to encode data to be sent to a remote server, to be operated on while maintaining confidentiality of data. For example, data including a real number can be encoded as a polynomial, with the fractional part of the real number encoded as high-order coefficients in the polynomial. Further, real numbers can be approximated and encoded in a polynomial using a fractional base, and/or the encoding can include slot encoding. Thus, the optimized encodings disclosed herein provide an optimized homomorphic encryption scheme.

Abstract: The techniques and/or systems described herein are directed to improvements in homomorphic encryption to improve processing speed and storage requirements. For example, the techniques and/or systems can be used on a client device to encode data to be sent to a remote server, to be operated on while maintaining confidentiality of data. The encoding scheme can be optimized by automatically selecting one or more parameters using an error growth simulator based on an actual program that operates on the encoded data. For example, the simulator can be used iteratively to determine an optimized parameter set which allows for improved homomorphic operations while maintaining security and confidentiality of a user's data.

Abstract: The techniques and/or systems described herein are directed to improvements in homomorphic operations within a homomorphic encryption scheme. The homomorphic operations may be performed on encrypted data received from a client device without decrypting the data at a remote computing device, thereby maintaining the confidentiality of the data. In addition to the operations of addition, subtraction, and multiplication, the homomorphic operations may include an approximate division, a sign testing, a comparison testing, and an equality testing. By combining these operations, a user may perform optimized operations with improved processor and memory requirements.

Abstract: The techniques and/or systems described herein are directed to improvements in genomic prediction using homomorphic encryption. For example, a genomic model can be generated by a prediction service provider to predict a risk of a disease or a presence of genetic traits. Genomic data corresponding to a genetic profile of an individual can be batch encoded into a plurality of polynomials, homomorphically encrypted, and provided to a service provider for evaluation. The genomic model can be batch encoded as well, and the genetic prediction may be determined by evaluating a dot product of the genomic model data the genomic data. A genomic prediction result value can be provided to a computing device associated with a user for subsequent decrypting and decoding. Homomorphic encoding and encryption can be used such that the genomic data may be applied to the prediction model and a result can be obtained without revealing any information about the model, the genomic data, or any genomic prediction.

Abstract: Techniques and architectures may be used to provide an environment where a data owner storing private encrypted data in a cloud and a data evaluator may engage in a secure function evaluation on at least a portion of the data. Neither of these involved parties is able to learn anything beyond what the parties already know and what is revealed by the function, even if the parties are actively malicious. Such an environment may be useful for business transactions, research collaborations, or mutually beneficial computations on aggregated private data.

Abstract: The techniques and/or systems described herein are directed to improvements in homomorphic operations within a homomorphic encryption scheme. The homomorphic operations may be performed on encrypted data received from a client device without decrypting the data at a remote computing device, thereby maintaining the confidentiality of the data. In addition to the operations of addition, subtraction, and multiplication, the homomorphic operations may include an approximate division, a sign testing, a comparison testing, and an equality testing. By combining these operations, a user may perform optimized operations with improved processor and memory requirements.

Abstract: The techniques and/or systems described herein are directed to improvements in homomorphic encryption to improve processing speed and storage requirements. For example, the techniques and/or systems can be used on a client device to encode data to be sent to a remote server, to be operated on while maintaining confidentiality of data. The encoding scheme can be optimized by automatically selecting one or more parameters using an error growth simulator based on an actual program that operates on the encoded data. For example, the simulator can be used iteratively to determine an optimized parameter set which allows for improved homomorphic operations while maintaining security and confidentiality of a user's data.

Abstract: The techniques and/or systems described herein are directed to improvements in homomorphic encryption to improve processing speed and storage requirements. For example, the techniques and/or systems can be used on a client device to encode data to be sent to a remote server, to be operated on while maintaining confidentiality of data. For example, data including a real number can be encoded as a polynomial, with the fractional part of the real number encoded as high-order coefficients in the polynomial. Further, real numbers can be approximated and encoded in a polynomial using a fractional base, and/or the encoding can include slot encoding. Thus, the optimized encodings disclosed herein provide an optimized homomorphic encryption scheme.

Abstract: A backup system that utilizes contextual and semantic concepts is described. The backup system provides for the ability to create a version changes log for listing and tracking all the changes in the different versions of the file. The version changes log creates a contextual description around the changes, deletions and additions. The semantic concept log is created from the version changes log to create a log of all of the semantic concepts associated with each change. A visualization builder then creates visualizations that can be used by the user to search for changes, deletions and additions whether in a text file or an image file.

Abstract: Representations of polynomials a, s, t, e—1 and e—2 can be provided. Values of coefficients of the polynomials can be limited, and can be computed using randomization techniques. A verification key can be generated to include representations of polynomials a, b, and c. Computation of b can include computing a product using a and s, and adding e—1. Computation of c can include computing a product using a and t, and adding e—2. A signing key can represent s and t. The signing key can be used to produce a message signature that can represent a sum of t and a product of s and m, with m being derived from a message to be signed. The verification key can be used to verify the signature by checking coefficient sizes of a polynomial represented by the signature, and of a checking polynomial derived from the verification key and the signature.

Abstract: An exemplary method includes defining a CM field, representing coefficients of a Frobenius element of a hyperelliptic curve over a prime field as non-linear polynomials that are functions of an integer x and selecting a value for x whereby the product of the Frobenius element and its complex conjugate is a prime number. Such a method may further include determining the order of the Jacobian of the hyperelliptic curve, for example, where the order is an almost prime number. Various other methods, devices, systems, etc., are also disclosed, which may be optionally used for cryptography.

Abstract: This cryptographic curve generation technique provides a faster way of constructing a genus 2 curve. The technique provides a procedure to compute isogenies between genus 2 curves over finite fields. Instead of looping over possible roots, as is typically done when solving Igusa class polynomials, the technique only finds one root and then applies the isogenies to find the others. The technique computes a set of polynomials that define all isogenies. To do this, for a given root of an Igusa class polynomial over a finite field, the technique computes a value of a small modular function ƒ. To the value of this function ƒ, the technique applies an isogeny to find an isogenous ƒ-value. The technique then transforms the ƒ-value back into an Igusa value. Once the Igusa class polynomials are solved they can be used to generate a genus 2 curve which can be used in cryptographic applications.

Abstract: Systems and methods for computing modular polynomials modulo large primes are described. In one aspect, the systems and methods generate l-isogenous elliptic curves. A modular polynomial modulo a large prime p is then computed as a function of l-isogenous elliptic curves modulo p. In one aspect, the modular polynomial may be used in a cryptosystem.

Abstract: Techniques are disclosed for representing and evaluating large prime degree isogenies for use in cryptographic signature and encryption schemes. An isogeny of prime degree 1 may be represented as an ideal in the form (1, A*alpha+B), where 1 comprises the degree of a prime number, the prime number is split into integers a and b, and alpha is a known endomorphism. For a given degree 1, integers a and b define a unique isogeny, allowing the isogeny to be stored with 3 log(1) bits of information. Techniques are also disclosed to evaluate the isogeny at a given point by decomposing the isogeny into an integer and a plurality of smaller degree isogenies, evaluating the smaller degree isogenies at the point with traditional means, and multiplying the results of the evaluations together and with the integer.

Abstract: Representations of polynomials a, s, t, e—1 and e—2 can be provided. Values of coefficients of the polynomials can be limited, and can be computed using randomization techniques. A verification key can be generated to include representations of polynomials a, b, and c. Computation of b can include computing a product using a and s, and adding e—1. Computation of c can include computing a product using a and t, and adding e—2. A signing key can represent s and t. The signing key can be used to produce a message signature that can represent a sum of t and a product of s and m, with m being derived from a message to be signed. The verification key can be used to verify the signature by checking coefficient sizes of a polynomial represented by the signature, and of a checking polynomial derived from the verification key and the signature.

Abstract: An exemplary method includes receiving a request to register a peer in a peer-to-peer system; generating or selecting a transaction key for the peer; storing the transaction key in association with registration information for the peer; transmitting the transaction key to the peer and, in response to a request to perform a desired peer-to-peer transaction by another peer, generating a token, based at least in part on the transaction key. Such a token allows for secure transactions in a peer-to-peer system including remote storage of data and retrieval of remotely stored data. Other exemplary techniques are also disclosed including exemplary modules for a peer-to-peer server and peers in a peer-to-peer system.

Abstract: AKE with derived ephemeral keys is described. In one aspect, a first party computes a derived ephemeral public-key based on a derived ephemeral secret key and a mathematical group. The derived ephemeral secret key is based on an ephemeral secret key and a long-term secret key. The first party generates a session key for secure exchange of information with a second party. The session key is generated using the derived ephemeral secret key and a second party derived ephemeral public-key key to demonstrate to the second party that the first party possesses the long-term secret key.