News Column

"Encrypted Statistical Processing System, Device, Method, and Program" in Patent Application Approval Process

May 13, 2014



By a News Reporter-Staff News Editor at Information Technology Newsweekly -- A patent application by the inventor Isshiki, Toshiyuki (Tokyo, JP), filed on May 30, 2012, was made available online on May 1, 2014, according to news reporting originating from Washington, D.C., by VerticalNews correspondents.

This patent application is assigned to Nec Corporation.

The following quote was obtained by the news editors from the background information supplied by the inventors: "In recent years, the importance of security in cloud services has been widely recognized. A proposed service, for example, stores data encrypted by homomorphic encryption schemes in a database in a cloud network (hereinafter simply referred to as a cloud), performs statistical processing on encrypted data stored in the database without decrypting the encrypted data to generate encrypted data representative of the result of processing, and acquires as needed the encrypted data representative of the processing result to decrypt the encrypted data.

"As a technology related to the above service, homomorphic encryption schemes is described, for instance, in Non-Patent Literature 1."

In addition to the background information obtained for this patent application, VerticalNews journalists also obtained the inventor's summary information for this patent application: "Technical Problem

"A certain cloud service provider uses a database in a cloud to collect information supplied from a user, obtains statistical data from the collected information, and provides a service in accordance with the statistical data. An example of this type of service would be a recommendation service that provides the user with information about recommended products.

"In the above instance, the information supplied from the user often includes personal information about the user, such as the information about purchases made by the user and the attributes of the user (age, gender, occupation, residence, etc.)

"Meanwhile, it is often difficult for the user to recognize who manages a database in the cloud at what location and in what manner. Therefore, it is said that the user is worried about security. In other words, the user cannot rely on the administrator of the database in the cloud. Hence, information leakage prevention measures frequently adopted for the database in the cloud by using data access rights do not make sense.

"As such being the case, the information supplied from the user may be encrypted in such a manner as to permit only a service provider to decrypt the supplied information so that database manager also cannot acquire the information about the user before being stored in the database in the cloud. However, it is generally known that it is difficult to obtain statistical data from the encrypted supplied information without decrypting it.

"The homomorphic encryption schemes described in Non-Patent Document 1 makes it possible to perform statistical processing on plain text without using a secret key in a situation where a plurality of pieces of data encrypted by a certain public key remain encrypted. However, the plurality of pieces of encrypted data need to be encrypted by the same public key before being subjected to statistical processing. In other words, if the plurality of pieces of encrypted data to be statistically processed is encrypted by different public keys, the encrypted data cannot be statistically processed before being decrypted.

"If the plurality of pieces of encrypted data to be statistically processed is encrypted by different public keys, for example, all the encrypted data to be statistically processed may be obtained, decrypted, and statistically processed. However, this method requires that all pieces of the encrypted data be downloaded to the service provider. Therefore, this method is not desirable from the viewpoint of convenience and communication cost. Further, it is conceivable that the service provider has a limited amount of computing resources in a cloud environment. Therefore, it is preferred that computations required for statistical processing be performed on the cloud side. Furthermore, as encrypted target data is decrypted once, it is necessary to prevent the leakage of data from a computer used by the service provider. Taking data leakage prevention measures requires a certain amount of cost.

"The present invention has been made in view of the above circumstances and has an object to provide an encrypted statistical processing system, an encrypted statistical processing device, an encrypted statistical processing method, and an encrypted statistical processing program that perform statistical processing on data encrypted by different public keys while the data is left encrypted.

"Solution to Problem

"According to the present invention, there is provided an encrypted statistical processing system including a plurality of service provider devices, a data registration device, a database, a plurality of proxy devices, an integrated data generation device, and an integrated data storage device. The service provider devices each include key generation means, which generates a service public key for encrypting data and a secret key corresponding to the service public key, and proxy key generation means, which generates a proxy key upon input of the service public key and the secret key. The data registration device includes encrypted data generation means, which generates encrypted data upon input of the service public key and predetermined data. The database stores the encrypted data. The proxy devices each include encrypted portion statistical data generation means, which generates encrypted portion statistical data upon input of the proxy key generated by the proxy key generation means with respect to the encrypted data stored in the database. The integrated data generation device includes encrypted statistical data generation means, which inputs the encrypted portion statistical data from each of the proxy devices and generates encrypted statistical data. The integrated data storage device stores the encrypted statistical data.

"According to the present invention, there is provided an encrypted statistical processing device including key generation means, proxy key generation means, encrypted data generation means, encrypted portion statistical data generation means, and encrypted statistical data generation means. The key generation means generates a service public key for encrypting data and a secret key corresponding to the service public key. The proxy key generation means generates a proxy key upon input of the service public key and the secret key. The encrypted data generation means generates encrypted data upon input of the service public key and predetermined data. The encrypted portion statistical data generation means generates encrypted portion statistical data with respect to the encrypted data upon input of the proxy key generated by the proxy key generation means. The encrypted statistical data generation means generates encrypted statistical data in accordance with the encrypted portion statistical data.

"According to the present invention, there is provided an encrypted statistical processing method including the steps of: generating a service public key for encrypting data and a secret key corresponding to the service public key; generating a proxy key upon input of the service public key and the secret key; generating encrypted portion statistical data upon input of the proxy key with respect to encrypted data generated upon input of the service public key and predetermined data; and generating encrypted statistical data in accordance with the encrypted portion statistical data.

"According to the present invention, there is provided an encrypted statistical processing program that causes a computer to perform: a key generation process of generating a service public key for encrypting data and a secret key corresponding to the service public key; a proxy key generation process of generating a proxy key upon input of the service public key and the secret key; an encrypted data generation process of generating encrypted data upon input of the service public key and predetermined data; an encrypted portion statistical data generation process of generating encrypted portion statistical data with respect to the encrypted data upon input of the proxy key generated by proxy key generation process; and an encrypted statistical data generation process of generating encrypted statistical data in accordance with the encrypted portion statistical data.

"Advantageous Effects of the Invention

"The present invention makes it possible to perform statistical processing on data encrypted by different public keys while the data is left encrypted.

BRIEF DESCRIPTION OF DRAWINGS

"FIG. 1 It depicts a block diagram showing an exemplary configuration of an encrypted statistical processing system according to the present invention.

"FIG. 2 It depicts a block diagram showing an exemplary configuration of a data registration device.

"FIG. 3 It depicts a block diagram showing an exemplary configuration of a service provider device.

"FIG. 4 It depicts a block diagram showing an exemplary configuration of a proxy device.

"FIG. 5 It depicts a block diagram showing an exemplary configuration of an integrated data generation device.

"FIG. 6 It depicts a flowchart showing an example of a service provider key generation process.

"FIG. 7 It depicts a flowchart showing an example of a data registration process.

"FIG. 8 It depicts a flowchart showing an example of a proxy key generation process.

"FIG. 9 It depicts a flowchart showing an example of a statistical information computation process.

"FIG. 10 It depicts a flowchart showing an example of a decryption process.

"FIG. 11 It depicts a flowchart showing an example of the service provider key generation process.

"FIG. 12 It depicts a flowchart showing an example of the data registration process.

"FIG. 13 It depicts a flowchart showing an example of the proxy key generation process.

"FIG. 14 It depicts a flowchart showing an example of the statistical information computation process.

"FIG. 15 It depicts a flowchart showing an example of the decryption process.

"FIG. 16 It depicts a block diagram showing an exemplary minimum configuration of the encrypted statistical processing system."

URL and more information on this patent application, see: Isshiki, Toshiyuki. Encrypted Statistical Processing System, Device, Method, and Program. Filed May 30, 2012 and posted May 1, 2014. Patent URL: http://appft.uspto.gov/netacgi/nph-Parser?Sect1=PTO2&Sect2=HITOFF&u=%2Fnetahtml%2FPTO%2Fsearch-adv.html&r=423&p=9&f=G&l=50&d=PG01&S1=20140424.PD.&OS=PD/20140424&RS=PD/20140424

Keywords for this news article include: Nec Corporation, Information Technology, Information and Data Storage, Information and Data Encoding and Encryption.

Our reports deliver fact-based news of research and discoveries from around the world. Copyright 2014, NewsRx LLC


For more stories covering the world of technology, please see HispanicBusiness' Tech Channel



Source: Information Technology Newsweekly


Story Tools






HispanicBusiness.com Facebook Linkedin Twitter RSS Feed Email Alerts & Newsletters