| CPC G06F 21/64 (2013.01) [G09C 1/00 (2013.01); G06F 21/552 (2013.01); G06F 21/60 (2013.01); G09C 5/00 (2013.01); H04L 9/00 (2013.01)] | 20 Claims |
|
1. A secure computation system, comprising at least four secure computation server apparatuses connected to each other via a network, wherein:
each of the at least four secure computation server apparatuses receiving a share which indicates an index, and referring to a share of an element in a sequence corresponding to the index from shares in the sequence,
an individual one of the at least four secure computation server apparatuses, being implemented by a memory and a processor, to execute operations performed by:
a local cyclic permutation part that computes, by using a cyclic permutation shared by secure computation server apparatuses except one secure computation server apparatus of the at least four secure computation server apparatuses, a value of the cyclic permutation for the one secure computation server apparatus;
a comparison and verification part that performs a fraud detection by performing an equality check on a plurality of values of cyclic permutations computed by the secure computation server apparatuses except oneself of the at least four secure computation server apparatuses;
a permutation synthesis part that constitutes a random cyclic permutation, that is traceable by none of the at least four secure computation server apparatuses, by synthesizing the cyclic permutations constituted by individual local cyclic permutation parts of the secure computation server apparatuses;
a sequence shuffle part that applies the random cyclic permutation to the shares in the sequence;
an index computation part that computes another share which indicates another index and to which the random cyclic permutation has been applied by adding a share having a shift amount of the cyclic permutation constituted by the individual local cyclic permutation parts to the received share which indicates the index; and
a sequence selection part that reconstructs the share which indicates the index and to which the random cyclic permutation has been applied and that selects the share corresponding to the index from the shares in the sequence to which the random cyclic permutation has been applied.
|