Patent Issued for Systems and methods for encrypting data and algorithms (USPTO 11582203): TripleBlind Inc.

2023 MAR 06 (NewsRx) -- By a News Reporter-Staff News Editor at Insurance Daily News -- A patent by the inventors Das, Riddhiman (Lenexa, KS, US), Gilkalaye, Babak Poorebrahim (Kansas City, MO, US), Storm, Greg (Parkville, MO, US), filed on March 24, 2020, was published online on February 14, 2023, according to news reporting originating from Alexandria, Virginia, by NewsRx correspondents.

Patent number 11582203 is assigned to TripleBlind Inc. (Kansas City, Missouri, United States).

The following quote was obtained by the news editors from the background information supplied by the inventors: “There are numerous situations where one person, entity, or company may interact with another person, entity, or company. In these situations, it may be necessary for the first entity to exchange information with the second entity and for the second entity to exchange information with the first entity in order to work on a job, project, or task. However, the first entity may want to limit the second entity from being able to view its information because it may include proprietary information. In addition, the second entity may want to limit the first entity from being able to view its information because it may include propriety information.”

In addition to the background information obtained for this patent, NewsRx journalists also obtained the inventors’ summary information for this patent: “The disclosed technology involves systems, methods, and computer-readable media for encrypting data, algorithms, neural networks, and other information and performing complex operations on split or encrypted data accurately and more efficiently. The present technology will be described in the following disclosure as follows. The discussion begins with an introduction to the general scenario where this technology can apply and then an overview of multiparty computation.

“One example scenario where the concepts disclosed herein could apply is in a medical context. Personal medical data is protected by laws such as HIPAA (Health Insurance Portability and Accountability Act). In some cases, convolutional neural networks (CNNs) are valuable for identifying patterns in images. A patient may need to have an electrocardiogram (EKG) evaluated. Normally, the CNN (algorithm) “sees” the EKG data which can lead to an identification of the patient. In another aspect, the characteristics of a proprietary CNN may also be obtained from the person providing the data. Companies may not only want to protect patient data from identification but also will want to protect their proprietary algorithms from discovery. The concepts disclosed herein enable an algorithm to operate on data in a way that protects both the data and the algorithm from identification. This disclosure will address various scenarios such as medical, credit card, insurance, and so forth more fully below.

“A description of an example multiparty computing environment, as illustrated in FIG. 1, and a description of example methods and techniques for achieving privacy for both data and an algorithm that operates on the data is provided, as illustrated in FIGS. 2 through 9B, will then follow. FIGS. 9C-12 provide further illustrations of embodiments disclosed herein, including convolutional neural networks and flow diagrams of various methods related to achieving privacy both for algorithms and data in an efficient manner. The discussion concludes with a description of an example computing device architecture including example hardware components suitable for performing multiparty computing operations, as illustrated in FIG. 13. In one aspect, standard or unencrypted algorithms can also be processed with secure multiparty computation as well. This is in addition to the use of homomorphic encryption, secure element (hardware based or otherwise)-based approaches as described herein. By using encrypted, standard, algorithms, the system can interact with data that’s homomorphically encrypted (not using secure multiparty computation) or even using a secure enclave. The disclosure now turns to an introductory overview of multiparty computation.

“As shown in FIG. 1, the approaches herein provide a system and/or process for hiding or encrypting an algorithm 106 from a data provider 102 that provides data 108 to the algorithm 106 and hiding or encrypting the data 108 from an algorithm provider 102 that provides the algorithm 106 that operates on the data 108. In some examples, the algorithm 106 may be split or divided between at least one party that jointly executes the algorithm. In addition, in some examples, the data 108 may be split or divided between at least one party. A communication network 110 in one aspect can be configured between the data provider 102 and the algorithm provider 104. The system discussed herein may achieve privacy by cryptography for both data and algorithms that operate on the data. As an example, a proprietary algorithm 106 provided by a first party may be kept private from a second party and proprietary data 108 from the second party may be kept private from the first party. In another example, a third party may be involved.

“As an example, secure multi-party computation (MPC) may allow operation of a function on two datasets without the owner or custodian of each dataset obtaining any proprietary information. MPC is based on a number of cryptographic tools and strategies such as secret sharing. As an example, a first party may be in possession of data that represents a number such as ten. The number ten may be represented using multiple numbers such as the operation six plus four. A second party may be in possession of data that represents a number such as five. The number five may be represented using multiple numbers such as the operation seven plus negative two. As an example, the first party and the second party can perform an operation on the data, such as addition, without identifying the data.”

The claims supplied by the inventors are:

“1. A system comprising: at least one processor; and a computer-readable storage device storing instructions which, when executed by the at least one processor, cause the at least one processor to: receive an algorithm from an algorithm provider; receive data from a data provider; divide the algorithm into a first algorithm subset and a second algorithm subset for separate and independent processing of respective data sets by the first algorithm subset and the second algorithm subset, wherein the first algorithm subset and the second algorithm subset, when combined, comprise the algorithm and convert the algorithm into a Boolean logic gate set, wherein the first algorithm subset corresponds to a first Boolean logic gate subset of the Boolean logic gate set and the second algorithm subset corresponds to a second Boolean logic gate subset of the Boolean logic gate set; represent the data as a first additive share and a second additive share, wherein the first additive share plus the second additive share equals the data such that sharing the first additive share or the second additive share does not reveal the data or any subset of the data; transmit the first algorithm subset and the first additive share to a first entity for processing; transmit the second algorithm subset and the second additive share to a second entity for processing, wherein the first entity cannot identify any of the data from the second additive share and the second entity cannot identify any of the data from the first additive share; process, by the first entity, the first algorithm subset with the first additive share to generate a first partial result; process, by the second entity the second algorithm subset with the second additive share to generate a second partial result, wherein the first entity and the second entity respectively exchange the first partial result and the second partial result as part of a secure multi-party computation process; receive, from the first entity, the first partial result based on the first algorithm subset and first additive share and receive, from the second entity, the second partial result based on the second algorithm subset and the second additive share; and determine a combined result based on the first partial result and the second partial result.

“2. The system of claim 1, wherein the first Boolean logic gate subset and the second Boolean logic gate subset comprise AND gates and XOR gates.

“3. The system of claim 1, wherein the algorithm provider comprises at least one first computing device and the data provider comprises at least one second computing device.

“4. The system of claim 1, wherein the computer-readable storage device stores additional instructions which, when executed by the at least one processor, cause the at least one processor to: send the combined result to the data provider and display a representation of the combined result.

“5. The system of claim 1, wherein the computer-readable storage device stores additional instructions which, when executed by the at least one processor, cause the at least one processor to: send the combined result to the algorithm provider and display a representation of the combined result.

“6. The system of claim 1, wherein the algorithm is selected from a list of algorithms provided by the algorithm provider.

“7. The system of claim 1, wherein the algorithm is represented by one of a Boolean logic set, a neural network or an algebraic circuit.

“8. The system of claim 1, wherein the computer-readable storage device stores additional instructions which, when executed by the at least one processor, cause the at least one processor to: encrypt the algorithm and encrypt the data.

“9. A method comprising: receiving, by at least one processor, an algorithm from an algorithm provider; receiving, by the at least one processor, data from a data provider; dividing, by the at least one processor, the algorithm into a first algorithm subset and a second algorithm subset for separate and independent processing of respective data sets by the first algorithm subset and the second algorithm subset, wherein the first algorithm subset and the second algorithm subset, when combined, comprise the algorithm and convert the algorithm into a Boolean logic gate set, wherein the first algorithm subset corresponds to a first Boolean logic gate subset of the Boolean logic gate set and the second algorithm subset corresponds to a second Boolean logic gate subset of the Boolean logic gate set; representing, by the at least one processor, the data into a first additive share and a second additive share, wherein the first additive share plus the second additive share equals the data such that sharing the first additive share or the second additive share does not reveal the data or any subset of the data; transmitting the first algorithm subset and the first additive share to a first entity fo processing; transmitting the second algorithm subset and the second additive share to a second entity for processing, wherein the first entity cannot identify any of the data from the second additive share and the second entity cannot identify any of the data from the first additive share; processing by the algorithm provider the first algorithm subset and the first additive share to generate a first partial result; processing by the data provider the second algorithm subset and the second additive share to generate a second partial result, wherein the first entity and the second entity exchange the first partial result and the second partial result as part of a secure multi-party computation process; receiving, by the at least one processor, the first partial result based on the first algorithm subset and first additive share and receiving the second partial result based on the second algorithm subset and the second additive share; and determining, by the at least one processor, a combined result based on the first partial result and the second partial result.

“10. The method of claim 9, wherein the first Boolean logic gate subset and the second Boolean logic gate subset comprise AND gates and XOR gates.

“11. The method of claim 9, wherein the algorithm provider comprises at least one first computing device and the data provider comprises at least one second computing device.

“12. The method of claim 9, further comprising: sending the combined result to the data provider and displaying a representation of the combined result.

“13. The method of claim 9, further comprising: sending the combined result to the algorithm provider and displaying a representation of the combined result.

“14. The method of claim 9, wherein the algorithm is selected from a list of algorithms provided by the algorithm provider.

“15. The method of claim 9, wherein the algorithm is represented by one of a Boolean logic set, a neural network or an algebraic circuit.

“16. The method of claim 9, further comprising encrypting the algorithm and encrypting the data.

“17. A non-transitory computer-readable storage medium having stored therein instructions which, when executed by one or more processors, cause the one or more processors to: receive an algorithm from an algorithm provider; receive data from a data provider; divide the algorithm into a first algorithm subset and a second algorithm subset for separate and independent processing of respective data by the first algorithm subset and the second algorithm subset, wherein the first algorithm subset and the second algorithm subset, when combined, comprise the algorithm and convert the algorithm into a Boolean logic gate set, wherein the first algorithm subset corresponds to a first Boolean logic gate subset of the Boolean logic gate set and the second algorithm subset corresponds to a second Boolean logic gate subset of the Boolean logic gate set; represent the data into a first additive share and a second additive share, wherein the first additive share plus the second additive share equals the data such that sharing the first additive share or the additive share does not reveal the data or any subset of the data; send the first algorithm subset and the first additive share to a first entity to generate a first partial result; send the second algorithm subset and the second additive share to a second entity to generate a second partial result, wherein the first entity cannot identify any of the data from the second additive share and the second entity cannot identify any of the data from the first additive share; process by the first entity the first algorithm subset with the first additive share to generate a first partial result; process by the second entity the second algorithm subset with the second additive share to generate a second partial result, and wherein the first entity and the second entity exchange the first partial result and the second partial result as part of a secure multi-party computation process; receive the first partial result from the first entity based on the first algorithm subset and first additive share and receive the second partial result from the second entity based on the second algorithm subset and the second additive share; and determine a combined result based on the first partial result and the second partial result.”

URL and more information on this patent, see: Das, Riddhiman. Systems and methods for encrypting data and algorithms. U.S. Patent Number 11582203, filed March 24, 2020, and published online on February 14, 2023. Patent URL (for desktop use only): https://ppubs.uspto.gov/pubwebapp/external.html?q=(11582203)&db=USPAT&type=ids

(Our reports deliver fact-based news of research and discoveries from around the world.)