Abstract: Methods and systems for performing a machine learning operation on a server host using a secure enclave are provided. Exemplary methods include: receiving an encrypted service request from a client host, the client host encrypting a service request to produce the encrypted service request using a shared secret, the service request specifying the machine learning operation; decrypting, in a secure enclave that is established by a secure environment, the encrypted service request using the shared secret to produce a decrypted service request; performing the machine learning operation, in the secure enclave, using the decrypted service request to generate a service result; encrypting, in the secure enclave, the service result using the shared secret to create an encrypted service result; and providing the encrypted service result to the client host, the client host decrypting the encrypted service result using the shared secret.

Abstract: A method and system for secure multi-party computation reduces the number of parties participating in each partition of a computation circuit from a total party count N to one plus a checkpoint key share count. A controller partitions an overall secure multi-party computation circuit such that parts of the circuit that directly use each private input value are partitioned separately. For each partition, the controller assigns an input-providing computer and a plurality of key holder computers. Within each secure multi-party computation protocol instance, shares of a secret key are generated and distributed among the key holder computers. The partition output is encrypted using the secret key to produce encrypted checkpoint data, which is written to external storage. A subsequent protocol instance decrypts the checkpoint data using the key shares, enabling continued computation with a different input-providing computer while maintaining security through distributed key share custody.

Abstract: Disclosed herein are systems and methods for distributed processing of secure multi-party computations. One example method includes dividing an overall SMPC circuit into partitions to be processed by different computers, balancing the computational load across the computers by ensuring the partitions are of similar sizes, identifying and minimizing a number of inputs and outputs crossing partition boundaries to optimize performance and employing a controller computer to orchestrate distributed computational tasks and recover from potential system failures.

Abstract: Described herein are methods and systems for constructing an encrypted index of a database to facilitate secure and efficient encrypted queries. An example method includes creating a plaintext index sorted by specific attributes, mapping records to integers via a hash function, permuting records using a pseudo-random permutation network, and generating an encrypted swap vector through homomorphic encryption. This encrypted swap vector is then sent to the database, enabling the creation of an encrypted index that maintains query privacy while supporting efficient retrieval of data.

Abstract: An encryption system and method are provided that provide the ability to execute a secure multi-party computation (SMPC) protocol to compute a large function using check points. At each checkpoint, respective parties to the computation write out some encrypted data that can be used to initiate the next stage of the computation between the present check point and the next check point. In this manner, if any participating party experiences a failure, such as a network outage, system crash, disk corruption, etc., during the protocol execution, there is no need to re-start the entire protocol from scratch. This allows for large functions to be practically computed using SMPC.

Abstract: Methods and systems for training machine learning models with enforced differential privacy using Secure Multi-Party Computation (SMPC) protocols are disclosed. A method for generating random bits for a Secure Multi-Party Computation (SMPC) protocol in a machine learning model training system includes locally generating, at each participating node, a plurality of random bits using a cryptographically secure pseudorandom number generator (CSPRNG). The locally generated random bits provided as input to the SMPC protocol and combined using an exclusive or (XOR) or addition operation to produce a set of combined random bits. A statistical sampling process for Differential Privacy (DP) is performed using the combined random bits as inputs. The perturbed training data is then utilized in the SMPC protocol to train the machine learning model.

Abstract: Systems and methods for validating analytics or machine learning models using secure multi-party computation (SMPC) are disclosed. The system operates with a data owner party providing a validation data set and an analytic owner party supplying a specification of the analytic or machine learning model. The analytic owner party converts the specification into an oblivious computation and compiles it into a circuit of operations compatible with an SMPC protocol. The data owner party downloads the compiled specification and constructs a validation circuit to execute the model against the validation data set without revealing the data or model details. The results of the SMPC computation are evaluated to produce performance statistics of the model, ensuring privacy for both parties' data throughout the process.

Abstract: Disclosed herein are systems and methods for distributed processing of secure multi-party computations. One example method includes dividing an overall SMPC circuit into partitions to be processed by different computers, balancing the computational load across the computers by ensuring the partitions are of similar sizes, identifying and minimizing a number of inputs and outputs crossing partition boundaries to optimize performance and employing a controller computer to orchestrate distributed computational tasks and recover from potential system failures.

Abstract: Methods and systems for performing a machine learning operation on a server host using a secure enclave are provided. Exemplary methods include: receiving an encrypted service request from a client host, the client host encrypting a service request to produce the encrypted service request using a shared secret, the service request specifying the machine learning operation; decrypting, in a secure enclave that is established by a secure environment, the encrypted service request using the shared secret to produce a decrypted service request; performing the machine learning operation, in the secure enclave, using the decrypted service request to generate a service result; encrypting, in the secure enclave, the service result using the shared secret to create an encrypted service result; and providing the encrypted service result to the client host, the client host decrypting the encrypted service result using the shared secret.

Abstract: Methods and systems for performing a computational operation on a server host using a secure enclave are provided. Exemplary methods include: receiving an encrypted service request from a client host, the client host encrypting a service request to produce the encrypted service request using a shared secret, the service request specifying the computational operation; decrypting, in a secure enclave that is established by a secure environment, the encrypted service request using the shared secret to produce a decrypted service request; performing the computational operation, in the secure enclave, using the decrypted service request to generate a service result; encrypting, in the secure enclave, the service result using the shared secret to create an encrypted service result; and providing the encrypted service result to the client host, the client host decrypting the encrypted service result using the shared secret.

Abstract: Provided are systems and methods for performing a secure machine learning analysis over an instance. An example method includes receiving, from a client, by a server in an environment, an encrypted machine learning data structure that is formed by using a homomorphic encryption scheme to encrypt a machine learning data structure. The machine learning data structure is generated by training a machine learning model that contains the data structure. The method includes extracting, by the server, a previously unseen instance of data. The method continues with evaluating, by the server, the encrypted machine learning data structure over the previously unseen instance of data using the machine learning model, to generate an encrypted result about the previously unseen instance of data. The method concludes with sending, from the server, the encrypted result to the client. The encrypted result is configured to be decrypted at the client using the homomorphic encryption scheme.

Abstract: Provided are methods and systems for performing a secure machine learning analysis over an instance of data. An example method includes acquiring, by a client, a homomorphic encryption scheme, and at least one machine learning model data structure. The method further includes generating, using the encryption scheme, at least one homomorphically encrypted data structure, and sending the encrypted data structure to at least one server. The method includes executing a machine learning model, by the at least one server based on the encrypted data structure to obtain an encrypted result. The method further includes sending, by the server, the encrypted result to the client where the encrypted result is decrypted. The machine learning model includes neural networks and decision trees.

Abstract: Provided are methods and systems for performing secure analytics using term generations and a homomorphic encryption. An example method includes receiving, by at least one server from a client, a term generation function, a hash function, a public key of a homomorphic encryption scheme, and a homomorphically encrypted list of indices, wherein the list of indices is generated using the term generation function and the hash function, applying, by the server, the term generation function, the hash function, and the public key to a data set to determine a further homomorphically encrypted list of indices, extracting, by the server and using the homomorphically encrypted list of indices and the further homomorphically encrypted list of indices, data from the encrypted data set to obtain an encrypted result, and sending the encrypted result to the client to decrypt the encrypted result using a private key of the homomorphic encryption scheme.

Abstract: Methods and systems for performing a computational operation on a server host using a secure enclave are provided. Exemplary methods include: receiving an encrypted service request from a client host, the client host encrypting a service request to produce the encrypted service request using a shared secret, the service request specifying the computational operation; decrypting, in a secure enclave that is established by a secure environment, the encrypted service request using the shared secret to produce a decrypted service request; performing the computational operation, in the secure enclave, using the decrypted service request to generate a service result; encrypting, in the secure enclave, the service result using the shared secret to create an encrypted service result; and providing the encrypted service result to the client host, the client host decrypting the encrypted service result using the shared secret.

Abstract: Methods and systems for performing a computational operation on a server host are provided. Exemplary methods include: receiving an encrypted service request from a client host, the client host encrypting a service request to produce the encrypted service request using a shared secret, the service request specifying the computational operation; decrypting, in a secure enclave, the encrypted service request using the shared secret to produce a decrypted service request, the secure enclave preventing other software running on the server host from accessing the shared secret and other data stored in a memory space; performing the computational operation, in the secure enclave, using the decrypted service request to generate a service result; encrypting, in the secure enclave, the service result using the shared secret to create an encrypted service result; and providing the encrypted service result to the client host, the client host decrypting the encrypted service result.

Abstract: Example selector derived encryption methods and systems include creating a hashed and encrypted database, as well as performing a query against the hashed and encrypted database using an encrypted selector exchange protocol to prevent the exposure of extraneous data from the hashed and encrypted database.

Abstract: Provided are methods and systems for query processing with adaptive risk decisioning. An example method includes receiving a query by a client in communication with plurality of servers. The method further includes analyzing, by the client, the query to select at least one server being configured to provide data of a data source, the data being associated with a portion of the query. The method includes acquiring, by the client, a security profile of the data source. The method includes generating, by the client and based on the query, at least one subquery for the server. The method includes sending, by the client, the subquery to the server. The server processes, based on the security profile, the subquery over the data, to obtain a result of the subquery. The method includes generating, by the client and based on the result of the subquery, a result for the query.

Abstract: Systems and methods of secure analytics using an encrypted analytics matrix are disclosed herein. An example method includes encoding an analytic parameter set using a homomorphic encryption scheme as a homomorphic analytic matrix, wherein the homomorphic analytic matrix is generated by extracting a set of term components from an analytic and the analytic parameter set using a term generator function; transmitting a processing set to a server system, the processing set including at least the homomorphic analytic matrix and a keyed hashing function; and receiving a homomorphic encrypted result from the server system, the server system having utilized the homomorphic encryption scheme and the keyed hashing function to evaluate the homomorphic analytic matrix over a datasource.

Abstract: Provided are methods and systems for performing a secure probabilistic analytic using an encrypted analytics matrix. An example method includes acquiring, by a client, an analytic, analytic parameters associated with the analytic, and a homomorphic encryption scheme including a public key for encryption and a private key for decryption. The method further includes generating, using the encryption scheme, an analytic matrix based on the analytic and analytic parameters, and sending the analytic matrix and the encryption scheme to at least one server. The method includes generating, by the server and based on the encryption scheme, set of terms from a data set, evaluating the analytic matrix over the set of terms to obtain an encrypted result, and estimating a probabilistic error of the encrypted result. The method further includes sending, by the server, the encrypted result and the probabilistic error to the client where the encrypted result is decrypted.

Abstract: Selector derived encryption systems and methods are disclosed herein. An example method includes creating a hashed and encrypted database, as well as performing a query against the hashed and encrypted database using an encrypted selector exchange protocol to prevent the exposure of extraneous data from the hashed and encrypted database.