Abstract: A system for identifying one or more malicious parties participating in a secure multi-party computation (MPC), comprising one of a plurality of computing nodes communicating with the plurality of computing nodes through a network(s). The computing node is adapted for participating in an MPC with the plurality of computing nodes using secure protocol(s) established over the network(s), the secure protocol(s) support transmittal of private messages to each of the other computing nodes and transmittal of broadcast messages to all of the computing nodes, detecting invalid share value(s) of a plurality of share values computed and committed by the computing nodes during the MPC, verifying each of the share values according to a plurality of agreed share values valid for the MPC which are determined through a plurality of broadcast private messages, identifying identity of malicious computing node(s) which committed the invalid share value(s) failing the verification and outputting the identity.

Abstract: A method for performing secure computations on records, comprising: receiving a request to apply an arithmetic computation on a record; assigning a respective partial record to each of a plurality of computational processes; instructing each of the computational processes sharing a computation scheme to perform the following: submitting the arithmetic computation to the computation scheme to assemble a processed partial record from the respective partial record components; instructing each of the plurality of computational processes to verify an integrity of at least one of the plurality of processed partial records by: broadcasting combined encryptions of one of the plurality of processed partial record components to all other of the plurality of computational processes and analyzing received combined encryptions to detect integrity in the other of the processed partial record components; and when the detected integrity is valid, calculating a response to the request by combining the received processed parti

Abstract: A method for signing a message, comprising performing a first Multi-Party Computation (MPC) process by multiple parties to compute a pseudorandom function, an input of the first MPC process comprises shares of a private signing key, each share is held by each party, the message is an input value to the pseudorandom function. The output of the first MPC process comprises multiple pairs of shares, each party holding a pair of shares, wherein each pair comprises a first value used for the MPC signing process and a second verifying value used for verifying correctness of the values provided by the multiple parties for the MPC signing process, and computing the signature on the message by performing an MPC signing protocol on the message, the MPC signing protocol receives as input shares of the output of the pseudorandom function from the multiple parties, and the message to be signed.

Abstract: A method of performing a Multi-Party Computation (MPC) process between two parties and a server, the parties generating initial garbled labels to an initial garbled circuit and sending the initial garbled labels corresponding to an input to the server, the parties generating a fresh garbled circuit and generating multiple bridge gates for translating the initial garbled labels to garbled values for the inputs to the fresh garbled circuit, where each of the bridge gates is associated with a specific input wire of the fresh garbled circuit and maps a value of the initial garbled labels to a value of garbled labels of the fresh garbled circuit, where the server computes fresh garbled values for the fresh garbled circuit using the bridge gates and the initial garbled values and evaluates the fresh garbled circuit using the fresh garbled labels.

Abstract: The subject matter discloses a method operated on a computerizing system comprising generating two secret shares of at least some of the data fields in a database, loading data fields of the database into two database copies, wherein one secret share of the two secret shares is loaded into one database copy and another secret share of the two secret shares is loaded into another database copy, receiving a request to perform a query in the database, processing said query on the database copies, wherein the database fields employed by the query process and the query results remain secret during processing, and revealing the secret query results.

Abstract: The subject matter discloses a system for enforcing correctness of a derivation key, comprising multiple computerized nodes, comprising a storage module configured to store a share of a key used as an input of a function generating the derivation key, a communication module configured to exchange information between the multiple computerized nodes, and a processing module configured to receiving a request to create the derivation key, performing an MPC process between the multiple computerized nodes, said MPC process is performed multiple times, in each time the MPC process comprises receiving the key shares as input, randomly selecting a function, outputting the outputs of the selected function to the multiple computerized nodes, the multiple computerized nodes lack access to the selected function, the multiple computerized nodes perform computations on the received outputs and exchange outputs of the computations to estimate correction of the key shares inputted into the MPC process.

Abstract: A method for signing a message, comprising performing a first Multi-Party Computation (MPC) process by multiple parties to compute a pseudorandom function, an input of the first MPC process comprises shares of a private signing key, each share is held by each party, the message is an input value to the pseudorandom function. The output of the first MPC process comprises multiple pairs of shares, each party holding a pair of shares, wherein each pair comprises a first value used for the MPC signing process and a second verifying value used for verifying correctness of the values provided by the multiple parties for the MPC signing process, and computing the signature on the message by performing an MPC signing protocol on the message, the MPC signing protocol receives as input shares of the output of the pseudorandom function from the multiple parties, and the message to be signed.

Abstract: A method for performing secure computations on records, comprising: receiving a request to apply an arithmetic computation on a record; assigning a respective partial record to each of a plurality of computational processes; instructing each of the computational processes sharing a computation scheme to perform the following: submitting the arithmetic computation to the computation scheme to assemble a processed partial record from the respective partial record components; instructing each of the plurality of computational processes to verify an integrity of at least one of the plurality of processed partial records by: broadcasting combined encryptions of one of the plurality of processed partial record components to all other of the plurality of computational processes and analyzing received combined encryptions to detect integrity in the other of the processed partial record components; and when the detected integrity is valid, calculating a response to the request by combining the received processed parti

Abstract: The present invention discloses a method and system for securing digital transactions provided by a person operating a third-party computerized device designed to communicate with a multiparty signing system. The multiparty signing system may comprise a signing subsystem comprising a multiparty signing server designed to receive a request for digital signing and a first subset of end-user nodes designed to sign the digital transaction. The multiparty signing system may also comprise an approving subsystem designed for approving the digital transactions. The approving subsystem may comprise a coordinator and a second subset of end-user nodes for approving the digital transactions.

Abstract: The present invention discloses a method and system for securing digital transactions provided by a person operating a third-party computerized device designed to communicate with a multiparty signing system. The multiparty signing system may comprise a signing subsystem comprising a multiparty signing server designed to receive a request for digital signing and a first subset of end-user nodes designed to generate a group of key shares which can be utilized in MPC processes conducted by the multiparty signing server. The multiparty signing system may also comprise an approving subsystem designed for generating groups of key shares to approve the digital transactions. The approving subsystem may comprise a coordinator and a second subset of end-user nodes for generating groups of key shares. The multiparty signing server may be configured to receive from a third-party server a transaction to sign and to send a first request to the coordinator to receive a first group of key shares.

Abstract: The subject matter discloses a system for enforcing correctness of a derivation key, comprising multiple computerized nodes, comprising a storage module configured to store a share of a key used as an input of a function generating the derivation key, a communication module configured to exchange information between the multiple computerized nodes, and a processing module configured to receiving a request to create the derivation key, performing an MPC process between the multiple computerized nodes, said MPC process is performed multiple times, in each time the MPC process comprises receiving the key shares as input, randomly selecting a function, outputting the outputs of the selected function to the multiple computerized nodes, the multiple computerized nodes lack access to the selected function, the multiple computerized nodes perform computations on the received outputs and exchange outputs of the computations to estimate correction of the key shares inputted into the MPC process.

Abstract: The present invention discloses a method and system for securing digital transactions provided by a person operating a third-party computerized device designed to communicate with a multiparty signing system. The multiparty signing system may comprise a signing subsystem comprising a multiparty signing server designed to receive a request for digital signing and a first subset of end-user nodes designed to sign the digital transaction. The multiparty signing system may also comprise an approving subsystem designed for approving the digital transactions. The approving subsystem may comprise a coordinator and a second subset of end-user nodes for approving the digital transactions.

Abstract: The present invention discloses a method and system for securing digital transactions provided by a person operating a third-party computerized device designed to communicate with a multiparty signing system. The multiparty signing system may comprise a signing subsystem comprising a multiparty signing server designed to receive a request for digital signing and a first subset of end-user nodes designed to generate a group of key shares which can be utilized in MPC processes conducted by the multiparty signing server. The multiparty signing system may also comprise an approving subsystem designed for generating groups of key shares to approve the digital transactions. The approving subsystem may comprise a coordinator and a second subset of end-user nodes for generating groups of key shares. The multiparty signing server may be configured to receive from a third-party server a transaction to sign and to send a first request to the coordinator to receive a first group of key shares.

Abstract: A system for identifying one or more malicious parties participating in a secure multi-party computation (MPC), comprising one of a plurality of computing nodes communicating with the plurality of computing nodes through a network(s). The computing node is adapted for participating in an MPC with the plurality of computing nodes using secure protocol(s) established over the network(s), the secure protocol(s) support transmittal of private messages to each of the other computing nodes and transmittal of broadcast messages to all of the computing nodes, detecting invalid share value(s) of a plurality of share values computed and committed by the computing nodes during the MPC, verifying each of the share values according to a plurality of agreed share values valid for the MPC which are determined through a plurality of broadcast private messages, identifying identity of malicious computing node(s) which committed the invalid share value(s) failing the verification and outputting the identity.

Abstract: Described herein is a method and system for digital signing by utilizing Elliptic Curve Digital Signature Algorithm (ECDSA) with a group generator of an elliptic-curve group of order q, and an elliptic curve point Q. The method may be configured to receive a digital message and associated with a request from a third-party in order to sign the digital message. The system designed to sign such messages may comprise two parties denoted P1 and P2 configured to conduct a multiparty signing procedure by utilizing ECDSA. The digital signing procedure may follow preliminary steps configured to set the system with the necessary conditions for the multiparty signing procedure. Such preliminary steps may set the parties P1, and P2, in accordance with the configuration defined herein.

Abstract: The claimed invention discloses a system for securing a cryptographic key, comprising multiple computerized nodes, each of them is configured to store a public key and a share of the cryptographic key and configured to encrypt the share of the cryptographic key stored in the computerized node and to generate a zero-knowledge proof using a set of predefined instructions. The system also comprises a processing module electrically coupled to the multiple computerized nodes, configured to transmit a request to each of the nodes for encrypted backup of each share and a zero-knowledge proof, said zero-knowledge proof enables the processing module to verify that the encrypted backup share is valid without revealing the encrypted backup. The processing module then receives the encrypted backup of each share of the cryptographic key from the multiple computerized nodes and computes a predefined equation to validate correctness of each of the encrypted backup of each share of the cryptographic key.

Abstract: The present invention discloses a system and method designed to secure computerized security processes via an MPC based biometric comparison. Such security processes can be operated between a computerized device operated by a user and a third-party server, or a third-party application executed by a computerized device. The MPC based biometric comparison process utilized to secure the security process can be operated by at least one server and in some cases, a computerized device operated by the user. Said servers may operate a Distributed Security Module, (DSM Server), designed to participate in multi-party computation (MPC) processes. The DSM server may be configured to use the MPC based biometric comparison process to compare a biometric data sample provided by the computerized device with a biometric data reference stored in the DSM server.

Abstract: The subject matter discloses a computerized system for authenticating a person requesting access to a physical entity. The system comprises a controller configured to control access to the physical entity, said controller is connected to a biometric acquisition device configured to acquire biometric data of the person. The controller comprises a communication module configured to communicate wirelessly with an electronic device used by the person. The system also comprises a computerized server communicating with the controller or the person's electronic device, said server is configured to provide validation indication of the person using the biometric data and an MPC process performed between at least two of the controller, server and the person's device.

Abstract: The subject matter discloses a method for decrypting ciphertext, comprising obtaining multiple shares of a vector representing a secret key in multiple computerized entities, receiving a request to decrypt a ciphertext from an application server, each entity of the multiple computerized entities computes a linear function, the linear function receives as input a share of the vector stored in each entity of the multiple computerized entities and a ciphertext accessible to the entity, performing a plaintext multi-party computation (MPC) process by the multiple computerized entities using the output of the computation performed by each entity independently, computing an output of the linear function receiving the secret key and the ciphertext as input, wherein none of the multiple computerized entities have access to the share stored in another computerized entity.

Abstract: The subject matter discloses a computerized system, comprising a computerized device communicating with a third party server, that comprises a memory unit that stores a representation of a Boolean circuit and a processing unit for calculating a result of the Boolean circuit according to a string used as input for the Boolean circuit and calculating a first predefined function on the result of the Boolean circuit. The system also comprises a first auxiliary server communicating with the computerized device, the first auxiliary server comprises a processing unit for calculating a second predefined function on the result of the Boolean circuit received from the computerized device and a second auxiliary server communicating with the computerized device comprises a processing unit for comparing the result of the first predefined function and the result of the second predefined function.