Processing

Please wait...

Settings

Settings

Goto Application

1. WO2020231762 - SYSTEM AND METHOD FOR PERFORMING EQUALITY AND LESS THAN OPERATIONS ON ENCRYPTED DATA WITH QUASIGROUP OPERATIONS

Note: Text based on automatic Optical Character Recognition processes. Please use the PDF version for legal matters

[ EN ]

Claims:

1. A method, comprising:

encrypting, using QGroup encryption, a first item of plain data and a second item of plain data from a client to generate a first item of cipherdata and a second item of cipherdata;

generating a message authentication code for each item of cipherdata to generate a first ciphertext and a second ciphertext;

receiving, from the client, an operation request on the first and second ciphertexts to perform an operation on the encrypted data;

performing, using a first and second computer of a secure multi-party computation (SMPC) cluster, the operation on the first and second ciphertext to generate an operation result; and

returning the operation results to the client.

2. The method of claim 1, wherein the operation on the encrypted data further comprises one of an encrypted equality operation and an encrypted less than operation.

3. The method of claim 1, wherein encrypting the first and second items of plain data further comprises generating the cipherdata for each of the first item of data and the second item of data using an encryption key, a QGroup subtract operation with a pseudorandom pad and the item of plain data.

4. The method of claim 3, wherein encrypting the first and second items of plain data further comprises generating, for each item of plain data, the pseudorandom pad using the encryption key, a pseudorandom function, a nonce and a length of the plain data.

5. The method of claim 4, wherein the pseudorandom function is one of an encryption method and a cryptographic message digest.

6. The method of claim 3, wherein generating the message authentication code for each item of cipherdata further comprises generating the message authentication code for each item of cipherdata using an authentication key.

7. The method of claim 6, wherein performing the operation on the first and second ciphertexts to generate an operation result further comprises providing the encryption key for each of the first and second item of plain data to the first computer of the SMPC cluster and providing the authentication key for each of the first and second item of plain data to the second computer of the SMPC cluster.

8. The method of claim 7, wherein performing the operation on the first and second ciphertexts to generate an operation result further comprises computing, on the first computer of the SMPC cluster, a difference between a first share of the first ciphertext and a first share of the second ciphertext, verifying, on the second computer of the SMPC cluster, an integrity of the first and second ciphertexts and computing, on the second computer of the SMPC cluster, a difference between a second share of the first ciphertext and a second share of the second ciphertext.

9. The method of claim 8, wherein performing the operation on the first and second ciphertexts to generate an operation result further comprises sharing a secret key and a counter value among the first computer and second computer of the SMPC cluster.

10. The method of claim 1, wherein encrypting the first and second items of plain data further comprises generating the cipherdata for each of the first item of data and the second item of data using an encryption key, a QGroup subtract operation with a pseudorandom pad and the item of plain data and wherein generating the message authentication code for each item of cipherdata further comprises generating the message authentication code for each item of cipherdata using an authentication key and further comprising sharing a secret key and a counter value among the first computer and second computer of the SMPC cluster.

11. The method of claim 10, wherein performing the operation on the encrypted data further comprises performing an encrypted equality operation on the first and second items of cipherdata.

12. The method of claim 11, wherein performing the encrypted equality operation on the first and second items of cipherdata further comprises recomputing, on the second computer of the SMPC cluster, the message authentication code for the first and second ciphertexts, generating, on the second computer of the SMPC cluster, a random value based on the secret key and the counter value, generating, on the second computer of the SMPC cluster, a difference between the first and second ciphertext and computing, on the second computer of the SMPC cluster, an equality encryption value based on the generated difference between the first and second ciphertext and the random value.

13. The method of claim 12, wherein performing the encrypted equality operation on the first and second items of cipherdata further comprises generating, by the first computer of the SMPC cluster, a random value based on the secret key and the counter value, computing, by the first computer of the SMPC cluster, a difference between a pseudorandom function of a first share of the first ciphertext using the encryption key for the first ciphertext and a pseudorandom function of a first share of the second ciphertext using the encryption key for the second ciphertext and computing, on the first computer of the SMPC cluster, an equality encryption value based on the generated difference between the first and second ciphertext and the random value.

14. The method of claim 13, wherein generating the operation result further comprises generating, at a database computer, an exclusive OR of the equality encryption value of the first computer of the SMPC cluster and the equality encryption value of the second computer of the SMPC cluster to determine if the first item of plain data and second item of plain data are equal.

15. The method of claim 10, wherein performing the operation on the encrypted data further comprises performing, using the SMPC cluster, an encrypted less than operation on the first and second pieces of cipherdata.

16. The method of claim 15, wherein performing the encrypted less than operation on the first and second items of cipherdata further comprises recomputing, on the second computer of the SMPC cluster, the message authentication code for the first and second ciphertexts, generating, on the second computer of the SMPC cluster, a random value based on the secret key and the counter value, generating, on the second computer of the SMPC cluster, a difference between the first and second ciphertext and computing, on the second computer of the SMPC cluster, an order revealing encryption value based on the generated difference between the first and second ciphertext and the random value.

17. The method of claim 16, wherein performing the encrypted less than operation on the first and second items of cipherdata further comprises generating, by the first computer of the SMPC cluster, a random value based on the secret key and the counter value, computing, by the first computer of the SMPC cluster, a difference between a pseudorandom function of a first share of the first ciphertext using the encryption key for the first ciphertext and a pseudorandom function of a first share of the second ciphertext using the encryption key for the second ciphertext and computing, on the first computer of the SMPC cluster, an order

revealingencryption value based on the generated difference between the first and second ciphertext and the random value.

18. The method of claim 17, wherein generating the operation result further comprises generating, at a database computer, a difference value between the first ciphertext and the second ciphertext, generating, at the database computer, an exclusive OR value of the order revealing encryption value from the first computer and the order revealing encryption value from the second computer, generating, by the database computer, a comparison value between the exclusive OR value and the difference value wherein the comparison value indicates if the first item of plain data is less than the second item of plain data.

19. A system, comprising:

a server;

a client capable of connecting to the server and issuing an operation on encrypted data to the server;

an encryption engine, connected between the client and the server, that encrypts a first and second item of plain data from the client to generate a first item of cipherdata and a second item of cipherdata that are received by the server and that generates a message authentication code for each item of cipherdata to generate a first ciphertext and a second ciphertext;

a secure multi-party computation (SMPC) cluster having a first computer and a second computer connected to the server that receives the first and second items of cipherdata and generates an operating result in response to the operation on encrypted data; and

the server returning the result to the client.

20. The system of claim 19, wherein the operation on the encrypted data further comprises one of an encrypted equality operation and an encrypted less than operation.

21. The system of claim 19, wherein the encryption engine is further configured to generate the cipherdata for each of the first item of data and the second item of data using an encryption key, a QGroup subtract operation with a pseudorandom pad and the item of plain data.

22. The system of claim 21, wherein the encryption engine is further configured to generate, for each piece of plain data, the pseudorandom pad using the encryption key, a pseudorandom function, a nonce and a length of the plain data.

23. The system of claim 22, wherein the pseudorandom function is one of an encryption method and a cryptographic message digest.

24. The system of claim 21, wherein the encryption engine is further configured to generate the message authentication code for each item of cipherdata using an authentication key.

25. The system of claim 24, wherein the first computer of the SMPC cluster receives the encryption key for each of the first and second item of plain data and wherein the second computer of the SMPC cluster receives the authentication key for each of the first and second item of plain data.

26. The system of claim 25, wherein the first computer of the SMPC cluster is further configured to compute a difference between a first share of the first ciphertext and a first share of the second ciphertext and wherein the second computer of the SMPC is further configured to verify an integrity of the first and second ciphertexts and compute a difference between a second share of the first ciphertext and a second share of the second ciphertext.

27. The system of claim 26, wherein the first and second computer of the SMPC cluster each share a secret key and a counter value.

28. The system of claim 19, wherein the encryption engine is further configured to generate the cipherdata for each of the first item of data and the second item of data using an encryption key, a QGroup subtract operation with a pseudorandom pad and the item of plain data and generate the message authentication code for each item of cipherdata using an authentication key and wherein a secret key and a counter value are shared among the first computer and second computer of the SMPC cluster.

29. The system of claim 28, wherein the first and second computers of the SMPC cluster perform an encrypted equality operation on the first and second items of cipherdata.

30. The system of claim 29, wherein the second computer of the SMPC cluster is further configured to recompute the message authentication code for the first and second ciphertexts, generate a random value based on the secret key and the counter value, generate a difference between the first and second ciphertext and compute an equality encryption value based on the generated difference between the first and second ciphertext and the random value.

31. The system of claim 30, wherein the first computer of the SMPC cluster is further configured to generate a random value based on the secret key and the counter value, compute a

difference between a pseudorandom function of a first share of the first ciphertext using the encryption key for the first ciphertext and a pseudorandom function of a first share of the second ciphertext using the encryption key for the second ciphertext and compute an equality encryption value based on the generated difference between the first and second ciphertext and the random value.

32. The system of claim 31, wherein the server is further configured to generate an exclusive OR of the equality encryption value of the first computer of the SMPC cluster and the equality encryption value of the second computer of the SMPC cluster to determine if the first item of plain data and second item of plain data are equal.

33. The system of claim 28, wherein the first and second computers of the SMPC cluster perform an encrypted less than operation on the first and second pieces of cipherdata.

34. The system of claim 33, wherein the second computer of the SMPC cluster is further configured to recompute the message authentication code for the first and second ciphertexts, generate a random value based on the secret key and the counter value, generate a difference between the first and second ciphertext and compute an order revealing encryption value based on the generated difference between the first and second ciphertext and the random value.

35. The system of claim 34, wherein the first computer of the SMPC cluster is further configured to generate a random value based on the secret key and the counter value, compute a difference between a pseudorandom function of a first share of the first ciphertext using the encryption key for the first ciphertext and a pseudorandom function of a first share of the second ciphertext using the encryption key for the second ciphertext and compute an order revealing encryption value based on the generated difference between the first and second ciphertext and the random value.

36. The system of claim 35, wherein the server computer is further configured to generate a difference value between the first ciphertext and the second ciphertext, generate an exclusive OR value of the order revealing encryption value from the first computer and the order revealing encryption value from the second computer and generate a comparison value between the exclusive OR value and the difference value wherein the comparison value indicates if the first item of plain data is less than the second item of plain data.

37. A method for random string generation for encrypting a plain string, comprising: performing a message authentication code process using a secret key, a counter, a first nonce and a second nonce to generate a first random block of bits of a random string; and

generating each subsequent random block of bits of the random string by exclusively ORing the character of the plain string at the immediately prior index with a pseudorandom function with the secret key, the immediately prior block of bits of the random string and a length of the random string.

38. The method of claim 37, wherein the performing the message authentication code process further comprises using a cipher based message authentication code process.

39. The method of claim 38, wherein the pseudorandom function is one of an encryption method and a cryptographic message digest.