Patents by Inventor Seny F. Kamara
Seny F. Kamara has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 10033708Abstract: A server module evaluates a circuit based on concealed inputs provided by respective participant modules, to provide a concealed output. By virtue of this approach, no party to the transaction (including the sever module) discovers any other party's non-concealed inputs. In a first implementation, the server module evaluates a garbled Boolean circuit. This implementation also uses a three-way oblivious transfer technique to provide a concealed input from one of the participant modules to the serer module. In a second implementation, the server module evaluates an arithmetic circuit based on ciphertexts that have been produced using a fully homomorphic encryption technique. This implementation modifies multiplication operations that are performed in the evaluation of the arithmetic circuit by a modifier factor; this removes bounds placed on the number of the multiplication operations that can be performed.Type: GrantFiled: October 31, 2016Date of Patent: July 24, 2018Assignee: Microsoft Technology Licensing, LLCInventors: Mariana Raykova, Seny F. Kamara
-
Publication number: 20170048208Abstract: A server module evaluates a circuit based on concealed inputs provided by respective participant modules, to provide a concealed output. By virtue of this approach, no party to the transaction (including the sever module) discovers any other party's non-concealed inputs. In a first implementation, the server module evaluates a garbled Boolean circuit. This implementation also uses a three-way oblivious transfer technique to provide a concealed input from one of the participant modules to the serer module. In a second implementation, the server module evaluates an arithmetic circuit based on ciphertexts that have been produced using a fully homomorphic encryption technique. This implementation modifies multiplication operations that are performed in the evaluation of the arithmetic circuit by a modifier factor; this removes bounds placed on the number of the multiplication operations that can be performed.Type: ApplicationFiled: October 31, 2016Publication date: February 16, 2017Applicant: Microsoft Technology Licensing, LLCInventors: Mariana RAYKOVA, Seny F. KAMARA
-
Patent number: 9521124Abstract: A server module evaluates a circuit based on concealed inputs provided by respective participant modules, to provide a concealed output. By virtue of this approach, no party to the transaction (including the sever module) discovers any other party's non-concealed inputs. In a first implementation, the server module evaluates a garbled Boolean circuit. This implementation also uses a three-way oblivious transfer technique to provide a concealed input from one of the participant modules to the serer module. In a second implementation, the server module evaluates an arithmetic circuit based on ciphertexts that have been produced using a fully homomorphic encryption technique. This implementation modifies multiplication operations that are performed in the evaluation of the arithmetic circuit by a modifier factor; this removes bounds placed on the number of the multiplication operations that can be performed.Type: GrantFiled: October 19, 2015Date of Patent: December 13, 2016Assignee: Microsoft Technology Licensing, LLCInventors: Mariana Raykova, Seny F. Kamara
-
Publication number: 20160044003Abstract: A server module evaluates a circuit based on concealed inputs provided by respective participant modules, to provide a concealed output. By virtue of this approach, no party to the transaction (including the sever module) discovers any other party's non-concealed inputs. In a first implementation, the server module evaluates a garbled Boolean circuit. This implementation also uses a three-way oblivious transfer technique to provide a concealed input from one of the participant modules to the serer module. In a second implementation, the server module evaluates an arithmetic circuit based on ciphertexts that have been produced using a fully homomorphic encryption technique. This implementation modifies multiplication operations that are performed in the evaluation of the arithmetic circuit by a modifier factor; this removes bounds placed on the number of the multiplication operations that can be performed.Type: ApplicationFiled: October 19, 2015Publication date: February 11, 2016Applicant: Microsoft Technology Licensing, LLCInventors: Mariana RAYKOVA, Seny F. KAMARA
-
Patent number: 9191196Abstract: A server module evaluates a circuit based on concealed inputs provided by respective participant modules, to provide a concealed output. By virtue of this approach, no party to the transaction (including the sever module) discovers any other party's non-concealed inputs. In a first implementation, the server module evaluates a garbled Boolean circuit. This implementation also uses a three-way oblivious transfer technique to provide a concealed input from one of the participant modules to the server module. In a second implementation, the server module evaluates an arithmetic circuit based on ciphertexts that have been produced using a fully homomorphic encryption technique. This implementation modifies multiplication operations that are performed in the evaluation of the arithmetic circuit by a modifier factor; this removes bounds placed on the number of the multiplication operations that can be performed.Type: GrantFiled: April 2, 2013Date of Patent: November 17, 2015Assignee: Microsoft Technology Licensing, LLCInventors: Mariana Raykova, Seny F. Kamara
-
Patent number: 9077539Abstract: The disclosed architecture employs techniques that make secure multi-party computation (MPC) practical and scalable. In support of utilizing cloud computing, for example, for evaluating functionality, a third party server can be employed which does not have any input to the computation and does not receive any output from the computation, yet has a vast amount of computational resources. Accordingly, the secure MPC architecture can outsource as much as possible of the computation and communications burden of the parties without the server(s) learning any information about the party inputs.Type: GrantFiled: March 9, 2011Date of Patent: July 7, 2015Assignee: Microsoft Technology Licensing, LLCInventors: Seny F. Kamara, Payman Mohassel
-
Patent number: 8874930Abstract: A storage system stores information about a graph in an encrypted form. A query module can submit a token to the storage system to retrieve specified information about the graph, e.g., to determine the neighbors of an entity in the graph, or to determine whether a first entity is connected to a second entity, etc. The storage system formulates its reply to the token in a lookup result. Through this process, the storage system gives selective access to information about the graph to authorized agents, yet otherwise maintains the general secrecy of the graph from the perspective of unauthorized agents, including the storage system itself. A graph processing module can produce encrypted graph information by encrypting any representation of the graph, such as an adjacency matrix, an index, etc.Type: GrantFiled: December 9, 2009Date of Patent: October 28, 2014Assignee: Microsoft CorporationInventors: Melissa E. Chase, Seny F. Kamara
-
Patent number: 8756410Abstract: Shares for one or more data values in a dataset can be computed using evaluation point values and sharing polynomials. Lagrangian coefficients can also be computed for the evaluation point values. The shares and the Lagrangian coefficients may be used to evaluate the polynomials on the data values. The technique can also include encrypting the Lagrangian coefficients according to an encryption scheme that provides for addition operations between encrypted values. An operation on representations of coefficients of the evaluation polynomial, representations of the shares, and the encrypted representations of the Lagrangian coefficients can be delegated to a remote computing environment. The operation can be performed at the remote computing environment, such as by performing a map-reduce operation. Results of the delegated operation can be received from the remote computing environment and processed to produce representation(s) of evaluation(s) of the polynomial on the data value(s).Type: GrantFiled: December 8, 2010Date of Patent: June 17, 2014Assignee: Microsoft CorporationInventors: Mariana Raykova, Seny F. Kamara
-
Publication number: 20130254532Abstract: A server module evaluates a circuit based on concealed inputs provided by respective participant modules, to provide a concealed output. By virtue of this approach, no party to the transaction (including the sever module) discovers any other party's non-concealed inputs. In a first implementation, the server module evaluates a garbled Boolean circuit. This implementation also uses a three-way oblivious transfer technique to provide a concealed input from one of the participant modules to the server module. In a second implementation, the server module evaluates an arithmetic circuit based on ciphertexts that have been produced using a fully homomorphic encryption technique. This implementation modifies multiplication operations that are performed in the evaluation of the arithmetic circuit by a modifier factor; this removes bounds placed on the number of the multiplication operations that can be performed.Type: ApplicationFiled: April 2, 2013Publication date: September 26, 2013Applicant: Microsoft CorporationInventors: Mariana Raykova, Seny F. Kamara
-
Patent number: 8539220Abstract: A server module evaluates a circuit based on concealed inputs provided by respective participant modules, to provide a concealed output. By virtue of this approach, no party to the transaction (including the sever module) discovers any other party's non-concealed inputs. In a first implementation, the server module evaluates a garbled Boolean circuit. This implementation also uses a three-way oblivious transfer technique to provide a concealed input from one of the participant modules to the serer module. In a second implementation, the server module evaluates an arithmetic circuit based on ciphertexts that have been produced using a fully homomorphic encryption technique. This implementation modifies multiplication operations that are performed in the evaluation of the arithmetic circuit by a modifier factor; this removes bounds placed on the number of the multiplication operations that can be performed.Type: GrantFiled: February 26, 2010Date of Patent: September 17, 2013Assignee: Microsoft CorporationInventors: Mariana Raykova, Seny F. Kamara
-
Patent number: 8533489Abstract: A Searchable Symmetric Encryption (SSE) mechanism is described which allows efficient dynamic updating of encrypted index information. The encrypted index information includes pointer information that is encrypted using a malleable encryption scheme. The SSE mechanism updates the encrypted index information by modifying at least one instance of the pointer information without decrypting the pointer information, and thereby without revealing the nature of the changes being made. In one implementation, the SSE mechanism includes a main indexing structure and a deletion indexing structure. An updating operation involves patching applied to both the main indexing structure and deletion indexing structure.Type: GrantFiled: September 29, 2010Date of Patent: September 10, 2013Assignee: Microsoft CorporationInventors: Thomas M. Roeder, Seny F. Kamara
-
Patent number: 8370621Abstract: Counting values can be encrypted as a set of counting value cyphertexts according to a hidden vector encryption scheme using sample values of a set of samples, where each of the samples can include multiple sample values. Additionally, tokens can be generated. The tokens can be configured according to the hidden vector encryption scheme, such that each of the tokens can enable decryption of matching cyphertexts. Processing of the counting value cyphertexts and the tokens can be delegated to a map-reduce computer cluster. The cluster can run a map-reduce program to produce and return count representations. Each count representation can represent a count of a set of the counting value cyphertext(s) whose decryption was enabled by one or more of the token(s). For example, the counts may be counts that can be used in constructing a data structure such as a decision tree.Type: GrantFiled: December 7, 2010Date of Patent: February 5, 2013Assignee: Microsoft CorporationInventors: Mariana Raykova, Seny F. Kamara
-
Publication number: 20120233460Abstract: The disclosed architecture employs techniques that make secure multi-party computation (MPC) practical and scalable. In support of utilizing cloud computing, for example, for evaluating functionality, a third party server can be employed which does not have any input to the computation and does not receive any output from the computation, yet has a vast amount of computational resources. Accordingly, the secure MPC architecture can outsource as much as possible of the computation and communications burden of the parties without the server(s) learning any information about the party inputs.Type: ApplicationFiled: March 9, 2011Publication date: September 13, 2012Applicant: Microsoft CorporationInventors: Seny F. Kamara, Payman Mohassel
-
Publication number: 20120151205Abstract: Shares for one or more data values in a dataset can be computed using evaluation point values and sharing polynomials. Lagrangian coefficients can also be computed for the evaluation point values. The shares and the Lagrangian coefficients may be used to evaluate the polynomials on the data values. The technique can also include encrypting the Lagrangian coefficients according to an encryption scheme that provides for addition operations between encrypted values. An operation on representations of coefficients of the evaluation polynomial, representations of the shares, and the encrypted representations of the Lagrangian coefficients can be delegated to a remote computing environment. The operation can be performed at the remote computing environment, such as by performing a map-reduce operation. Results of the delegated operation can be received from the remote computing environment and processed to produce representation(s) of evaluation(s) of the polynomial on the data value(s).Type: ApplicationFiled: December 8, 2010Publication date: June 14, 2012Applicant: MICROSOFT CORPORATIONInventors: Mariana Raykova, Seny F. Kamara
-
Publication number: 20120144185Abstract: Counting values can be encrypted as a set of counting value cyphertexts according to a hidden vector encryption scheme using sample values of a set of samples, where each of the samples can include multiple sample values. Additionally, tokens can be generated. The tokens can be configured according to the hidden vector encryption scheme, such that each of the tokens can enable decryption of matching cyphertexts. Processing of the counting value cyphertexts and the tokens can be delegated to a map-reduce computer cluster. The cluster can run a map-reduce program to produce and return count representations. Each count representation can represent a count of a set of the counting value cyphertext(s) whose decryption was enabled by one or more of the token(s). For example, the counts may be counts that can be used in constructing a data structure such as a decision tree.Type: ApplicationFiled: December 7, 2010Publication date: June 7, 2012Applicant: MICROSOFT CORPORATIONInventors: Mariana Raykova, Seny F. Kamara
-
Publication number: 20120078914Abstract: A Searchable Symmetric Encryption (SSE) mechanism is described which allows efficient dynamic updating of encrypted index information. The encrypted index information includes pointer information that is encrypted using a malleable encryption scheme. The SSE mechanism updates the encrypted index information by modifying at least one instance of the pointer information without decrypting the pointer information, and thereby without revealing the nature of the changes being made. In one implementation, the SSE mechanism includes a main indexing structure and a deletion indexing structure. An updating operation involves patching applied to both the main indexing structure and deletion indexing structure.Type: ApplicationFiled: September 29, 2010Publication date: March 29, 2012Applicant: MICROSOFT CORPORATIONInventors: Thomas M. Roeder, Seny F. Kamara
-
Publication number: 20110211692Abstract: A server module evaluates a circuit based on concealed inputs provided by respective participant modules, to provide a concealed output. By virtue of this approach, no party to the transaction (including the sever module) discovers any other party's non-concealed inputs. In a first implementation, the server module evaluates a garbled Boolean circuit. This implementation also uses a three-way oblivious transfer technique to provide a concealed input from one of the participant modules to the serer module. In a second implementation, the server module evaluates an arithmetic circuit based on ciphertexts that have been produced using a fully homomorphic encryption technique. This implementation modifies multiplication operations that are performed in the evaluation of the arithmetic circuit by a modifier factor; this removes bounds placed on the number of the multiplication operations that can be performed.Type: ApplicationFiled: February 26, 2010Publication date: September 1, 2011Inventors: Mariana Raykova, Seny F. Kamara
-
Publication number: 20110138190Abstract: A storage system stores information about a graph in an encrypted form. A query module can submit a token to the storage system to retrieve specified information about the graph, e.g., to determine the neighbors of an entity in the graph, or to determine whether a first entity is connected to a second entity, etc. The storage system formulates its reply to the token in a lookup result. Through this process, the storage system gives selective access to information about the graph to authorized agents, yet otherwise maintains the general secrecy of the graph from the perspective of unauthorized agents, including the storage system itself. A graph processing module can produce encrypted graph information by encrypting any representation of the graph, such as an adjacency matrix, an index, etc.Type: ApplicationFiled: December 9, 2009Publication date: June 9, 2011Applicant: Microsoft CorporationInventors: Melissa E. Chase, Seny F. Kamara