Abstract: An example system includes a processor that can receive a number of complex packed tensors, wherein each of the complex packed tensors include real numbers encoded as imaginary parts of complex numbers. The processor can execute a single instruction, multiple data (SIMD) operation on the complex packed tensors using an integrated circuit of real and complex packed tensors in a complex domain to generate a result.

Abstract: Mechanisms are provided for fully homomorphic encryption enabled graph embedding. An encrypted graph data structure, having encrypted entities and predicates, is received and, for each encrypted entity, a corresponding set of entity ciphertexts is generated based on an initial embedding of entity features. For each encrypted predicate, a corresponding predicate ciphertext is generated based on an initial embedding of predicate features. A machine learning process is iteratively executed, on the sets of entity ciphertexts and the predicate ciphertexts, to update embeddings of the entity features of the encrypted entities and update embeddings of predicate features of the encrypted predicates, to generate a computer model for embedding entities and predicates. A final embedding is output based on the updated embeddings of the entity features and predicate features of the computer model.

Abstract: Embodiments may provide techniques that may provide more accurate and actionable alerts by cloud workload security systems so as to improve overall cloud workload security. For example, in an embodiment, a method may be implemented in a computer system comprising a processor, memory accessible by the processor, and computer program instructions stored in the memory and executable by the processor, and the method may comprise generating performance and security information relating to a software system during development of the software system, generating performance and security information relating to the software system during deployed operation of the software system, matching the performance and security information generated during development of the software system with the performance and security information generated during deployed operation of the software system to determine performance and security alerts to escalate, and reporting the escalated performance and security alerts.

Abstract: An example system includes a processor to compute a tensor of indicators indicating a presence of partial sums in an encrypted vector of indicators. The processor can also securely reorder an encrypted array based on the computed tensor of indicators to generate a reordered encrypted array.

Abstract: Systems for generating attack event logs are disclosed. An example system includes a storage device for storing an event log template. The system also includes a processor to receive a selection of the event log template, and receive an attack description comprising user instructions to fabricate synthetic log entries according to a format defined in the event log template. The attack description includes variables and rules for determining values for the variables. The processor generates the attack event log by determining values that satisfy the rules and writing the values into selected fields of the event log template.

Abstract: A second set of data identifiers, comprising identifiers of data usable in federated model training by a second data owner, is received at a first data owner from the second data owner. An intersection set of data identifiers is determined at the first data owner. At the first data owner according to the intersection set of data identifiers, the data usable in federated model training is rearranged by the first data owner to result in a first training dataset. At the first data owner using the intersection set of data identifiers, the first training dataset, and a previous iteration of an aggregated set of model weights, a first partial set of model weights is computed. An updated aggregated set of model weights, comprising the first partial set of model weights and a second partial set of model weights from the second data owner, is received from an aggregator.

Abstract: A computer-implemented method including, in a fully-homomorphic encryption (FHE) scheme that employs ciphertext rescaling at different levels of a modulus chain of prime numbers: initializing a scale of the highest level of the modulus chain to a value that equals a weighted geometric mean of all the prime numbers, wherein, in the weighted geometric mean, the weight for each of the prime numbers is two to the power of: a location of the respective prime number in the modulus chain, minus one.

Abstract: A method comprising: receiving an input tensor having a shape defined by [n1, . . . , nk], where k is equal to a number of dimensions that characterize the input tensor; receiving tile tensor metadata comprising: a tile tensor shape defined by [t1, . . . , tk], and information indicative of an interleaving stride to be applied with respect to each dimension of the tile tensor; constructing an output tensor comprising a plurality of the tile tensors, by applying a packing algorithm which maps each element of the input tensor to at least one slot location of one of the plurality of tile tensors, based on the tile tensor shape and the interleaving stride, wherein the interleaving stride results in non-contiguous mapping of the elements of the input tensor, such that each of the tile tensors includes a subset of the elements of the input tensor which are spaced within the input tensor according to the interleaving stride.

Abstract: An example system includes a processor to prune a machine learning model based on an importance of neurons or weights. The processor is to further permute and pack remaining neurons or weights of the pruned machine learning model to reduce an amount of ciphertext computation under a selected constraint.

Abstract: A computer-implemented method for generating hash values to determine string similarity is disclosed. The computer-implemented method includes converting a first text string of a first data set into a first set of shingles. The computer-implemented method further includes determining a weight associated with each shingle in the first set of shingles based, at least in part, on a particular record field associated with a shingle. The computer-implemented method further includes generating, based on a hash function, a hash value for each shingle in the first set of shingles. The computer-implemented method further includes reducing the hash value generated for each shingle in the first set of shingles, based, at least in part on the weight associated with the shingle.

Abstract: A method and system for evaluating and selecting an optimal packing solution (or solutions) for data that is run through a fully homomorphic encryption (FHE) simulation. In some instances, a user selected model architecture is provided in order to start simulating multiple potential configurations. Additionally, the cost of each simulated configuration is taken into account when determining an optimal packing solution.

Abstract: In response to identifying that a Single Instruction, Multiple Data (SIMD) operation has been instructed to be performed or has been performed by a Fully-Homomorphic Encryption (FHE) software on one or more original ciphertexts, performing the following steps: Performing the same operation on one or more original plaintexts, respectively, that are each a decrypted version of one of the one or more original ciphertexts. Decrypting a ciphertext resulting from the operation performed on the one or more original ciphertexts. Comparing the decrypted ciphertext with a plaintext resulting from the same operation performed on the one or more original plaintexts. Based on said comparison, performing at least one of: (a) determining an amount of noise caused by the operation, (b) determining whether unencrypted data underlying the one or more original ciphertexts has become corrupt by the operation, and (c) determining correctness of an algorithm which includes the operation.

Abstract: An example system includes a processor that can obtain a circuit describing operations of sequential secure computation code. The processor can modify the circuit based on a cost function. The processor can partition the circuit into a number of sub-circuits. The processor can assign the number of the sub-circuits to different processors for execution.

Abstract: A computer-implemented method for privately determining data intersection is disclosed. The computer-implemented method includes performing private set intersection between two record sets to determine identical intersecting records corresponding to a particular record field. The computer-implemented method includes removing any identical intersecting records from each record set to form two record subsets. The computer-implemented method includes separately computing locality sensitive hash values for each of the two record subsets, wherein the locality sensitive hash values are computed for records corresponding to the particular record field. The computer-implemented method includes jointly performing private set intersection between the locality sensitive hash values separately computed for each of the two record subsets.

Abstract: An example system includes a processor to receive, from a client device, a delete query requesting deletion of a row of in a fully homomorphically encrypted (FHE) database. The processor can store an identifier of the row to be deleted in a deletion queue, where the row is to be replaced with values of a row to be inserted from a received insertion query.

Abstract: A method for automatically migrating infrastructure as code (IaC) from a first cloud infrastructure platform to a second cloud infrastructure platform is provided. The method may include receiving an original IaC comprising a first type of coding language. The method may further include using natural language processing to map a connection between the first type of coding language and a second type of coding language. The method may further include based on the mapped connection, using the NLP to automatically generate a partial translation of the first type of coding language to the second type of coding language. The method may further include using a machine learning algorithm to correct at least one inaccuracy in the partial translation. The method may further include generating a complete translation and implementing a second IaC on the second cloud infrastructure platform based on the complete translation.

Abstract: In response to identifying that a Single Instruction, Multiple Data (SIMD) operation has been instructed to be performed or has been performed by a Fully-Homomorphic Encryption (FHE) software on one or more original ciphertexts, performing the following steps: Performing the same operation on one or more original plaintexts, respectively, that are each a decrypted version of one of the one or more original ciphertexts. Decrypting a ciphertext resulting from the operation performed on the one or more original ciphertexts. Comparing the decrypted ciphertext with a plaintext resulting from the same operation performed on the one or more original plaintexts. Based on said comparison, performing at least one of: (a) determining an amount of noise caused by the operation, (b) determining whether unencrypted data underlying the one or more original ciphertexts has become corrupt by the operation, and (c) determining correctness of an algorithm which includes the operation.

Abstract: Executing the operations of an arithmetic circuit by using a hybrid strategy that employs both fully homomorphic encryption (FHE) methods and multi-party computation (MPC) methods. In order to utilize this hybrid strategy, an arithmetic circuit is split into multiple partitions (at least two), and each partition is assigned to be executed using FHE methods or MPC methods. Finally, this hybrid strategy is utilized in a manner that automatically takes into account CPU and network utilization costs.

Abstract: An example system includes a processor to receive, from a client device, a delete query requesting deletion of a row of in a fully homomorphically encrypted (FHE) database. The processor can store an identifier of the row to be deleted in a deletion queue, where the row is to be replaced with values of a row to be inserted from a received insertion query.

Abstract: An example system includes a processor that can obtain a circuit describing operations of sequential secure computation code. The processor can modify the circuit based on a cost function. The processor can partition the circuit into a number of sub-circuits. The processor can assign the number of the sub-circuits to different processors for execution.