US 12,333,039 B2
Secret hash table construction system, reference system, methods for the same
Atsunori Ichikawa, Musashino (JP); Koki Hamada, Musashino (JP); and Ryo Kikuchi, Musashino (JP)
Assigned to NIPPON TELEGRAPH AND TELEPHONE CORPORATION, Tokyo (JP)
Appl. No. 17/792,145
Filed by NIPPON TELEGRAPH AND TELEPHONE CORPORATION, Tokyo (JP)
PCT Filed Jan. 16, 2020, PCT No. PCT/JP2020/001218
§ 371(c)(1), (2) Date Jul. 12, 2022,
PCT Pub. No. WO2021/144905, PCT Pub. Date Jul. 22, 2021.
Prior Publication US 2023/0039723 A1, Feb. 9, 2023
Int. Cl. G06F 21/62 (2013.01); G06F 16/901 (2019.01); G06F 21/14 (2013.01); H04L 9/08 (2006.01); H04L 9/32 (2006.01); G06F 12/1018 (2016.01)
CPC G06F 21/6227 (2013.01) [G06F 16/9014 (2019.01); G06F 21/14 (2013.01); H04L 9/0869 (2013.01); H04L 9/088 (2013.01); H04L 9/0894 (2013.01); H04L 9/3236 (2013.01); G06F 12/1018 (2013.01); H04L 2209/08 (2013.01)] 10 Claims
OG exemplary drawing
 
1. A secret hash table construction system including a plurality of servers and constructing a secret hash table by a coordination protocol of the plurality of servers by using secure computation, wherein
the secret hash table has a data structure configured to have B address values and storing a maximum of Z pieces of data for each of the B address values, and
each of the plurality of servers comprises processing circuitry configured to implement:
a storage destination array calculation unit configured to determine, for a concealed data sequence ((A)), a pseudo-random function value ((addri)) by using a key ((ki)) of each piece of data of the concealed data sequence ((A)) as input of a pseudo-random function and a secret key ((s)) as a secret key of the pseudo-random function, to determine an array ((addr)) indicating a storage destination of each piece of the data;
a concealed value array connection unit configured to generate an array ((addrdummy)) of concealed values and connect the generated array ((addrdummy)) to the array ((addr)) to determine an array ((addr′))←((addr))∥((addrdummy));
a sort permutation generation application unit configured to generate a sort permutation ((σ1)) for the array ((addr′)) by using values included in the array ((addr′)) as keys and apply the sort permutation ((σ1)) to the array ((addr′));
a conversion unit configured to convert the array ((addr′)) into an array with a sequence composed of first Z elements set to ((i)) followed by αi elements set to ((B)), αi being the number of i included in the array ((addr′));
a sort permutation generation unit configured to generate a sort permutation ((σ2)) for the converted array ((addr′)) by using values included in the converted array ((addr′)) as keys; and
a table generation unit configured to generate dummy data ((empty)) for a concealed data sequence ((˜A)) corresponding to the concealed data sequence ((A)), impart the generated dummy data ((empty)) to the concealed data sequence ((˜A)), apply the sort permutations ((σ1)) and ((σ2)) to the data array imparted with the dummy data, and generate, as a secret hash table, a data sequence obtained by deleting the last N pieces of data from the sorted data array.