The present invention relates to a secret calculation system, a secret calculation method, and a program.
A secret distribution method is conventionally known as one of the secret calculation techniques. In this method, secret information is distributed into a plurality of groups, and various processes are executed by the groups cooperating with each other.
For example, JP 2005-234069 A describes a secret distribution processing system that ensures validity of distributed data by adding verification data to the distributed data and performing evaluation using the distributed data and the verification data before restoration.
However, the conventional secret calculation technique described in JP 2005-234069 A is not necessarily intended to reduce the processing load of the secret calculation.
Therefore, some aspects of the present invention have been made in view of such circumstances, and an object of the present invention is to provide a secret calculation technique capable of improving the security of data and reducing the processing load on the secret calculation.
A secret calculation system according to an aspect of the present invention is a secret calculation system that executes secret calculation for calculating data in an encrypted state, and includes a first acquisition unit that acquires encrypted first data, a second acquisition unit that acquires unencrypted second data according to the first data, a secret calculation unit that executes the secret calculation on the basis of the first data and the second data, and an output unit that outputs a result of the secret calculation in an encrypted state.
A secret calculation method according to an aspect of the present invention is a secret calculation method causing a computer to execute secret calculation for calculating data in an encrypted state, and includes acquiring encrypted first data, acquiring unencrypted second data according to the first data, executing the secret calculation on the basis of the first data and the second data, and outputting a result of the secret calculation in an encrypted state.
A program according to an aspect of the present invention causes a computer that executes secret calculation for calculating data in an encrypted state to function as a first acquisition unit that acquires encrypted first data, a second acquisition unit that acquires unencrypted second data according to the first data, a secret calculation unit that executes the secret calculation on the basis of the first data and the second data, and an output unit that outputs a result of the secret calculation in an encrypted state.
In the present invention, a “unit” does not simply mean a physical means, and also covers a case where a function of the “unit” is implemented by software. A function of one “unit” or device may be implemented by two or more physical units or devices, or functions of two or more “units” or devices may be implemented by one physical unit or device.
According to the present invention, it is possible to improve the security of data and reduce a processing load on the secret calculation.
An embodiment of the present invention will be described with reference to the accompanying drawings. Note that the following embodiment is an example for describing the present invention and is not intended to limit the present invention only to the embodiment. In addition, the present invention can be modified in various ways as long as the modifications do not depart from the gist of the invention. Furthermore, in each drawing, the same components are denoted by the same reference numerals as much as possible, and redundant descriptions are omitted.
As illustrated in
The confidential data supply device 3 includes a database (DB) 1 storing the confidential data CD, and supplies the confidential data CD in an encrypted state to each of the secret calculation server devices 1A, 1B, and 1C. In addition, from the database (DB) 3 in which non-confidential data NCD (second data) is managed, the non-confidential data NCD is supplied in an unencrypted state to each of the secret calculation server devices 1A, 1B, and 1C. The confidential data CD is data to be kept confidential, that is, data that must be prevented from becoming known to a third party, as described later. The non-confidential data NCD, in contrast, is data that poses no problem even if it becomes known to a third party. In
In the present embodiment, the secret calculation system 100 executes “secret distribution” processing in the “secret calculation”. The “secret distribution” is a technique that secures confidentiality of data by dividing the data into a plurality of fragments that are called “shares” and performing the secret calculation. As illustrated in
The secret calculation server device 1 is a device that executes the secret calculation. The secret calculation server devices 1A, 1B, and 1C can communicate with (cooperate with) each other. The secret calculation server devices 1A, 1B, and 1C execute the secret calculation on the basis of the shares A, B, and C and the non-confidential data NCD to calculate a secret calculation result (X, Y, Z). The secret calculation server devices 1A, 1B, and 1C output the secret calculation result (X, Y, Z) in an encrypted state to the calculation result restoration device 5. Note that specific contents of the secret calculation will be described in detail with reference to
The calculation result restoration device 5 restores the calculation result by using a secret calculation result (X), a secret calculation result (Y), and a secret calculation result (Z) received from the secret calculation server devices 1A, 1B, and 1C, respectively. The calculation result restoration device 5 stores a secret calculation result R in a database (DB) 5.
Conventionally, encrypting and managing all of the enormous volume of data (including non-confidential data) used for the secret calculation, and performing calculation processing using all of that data, impose a large load on data processing. In the secret calculation system 100 according to the present embodiment, not all data to be subjected to the secret calculation processing is acquired as encrypted data; data that does not need to be kept confidential is managed without being encrypted. When executing the secret calculation, the secret calculation system 100 refers to the brand code or the like to acquire non-confidential data (for example, stock price data) corresponding to confidential data (for example, stock number data) and executes the secret calculation. Therefore, it is possible to improve the security of confidential data and reduce the processing load on the secret calculation (for example, calculation processing speed is increased or calculation time is reduced).
In addition, in the secret calculation system 100, since the secret calculation is executed while the confidential data such as the name and the number of stocks held by the manager of the investment trust is kept confidential, it is possible to continue the management service with the privacy of the management situation maintained.
Furthermore, by adopting secret distribution processing in the secret calculation system 100, even in a case where a share is leaked from one secret calculation server device, it is difficult to restore (decode) the processing result. Therefore, since the secret of the confidential data is maintained, the security of confidential data is further improved.
Note that the secret calculation server device 1, the confidential data supply device 3, and the calculation result restoration device 5 are, for example, information processing devices such as a server device. The secret calculation server device 1, the confidential data supply device 3, and the calculation result restoration device 5 may also be, for example, information processing devices such as a general-purpose personal computer, a smartphone, and a tablet terminal. In addition, the numbers of secret calculation server devices 1, confidential data supply devices 3, and calculation result restoration devices 5 are not limited.
The information processing unit 10 functionally includes, for example, a confidential data acquisition unit 11 (first data acquisition unit), a non-confidential data acquisition unit 13 (second data acquisition unit), a secret calculation unit 15, and an output unit 17. Note that the above-described units of the information processing unit 10 can be implemented, for example, by using a storage area such as a memory or a hard disk, or by causing a processor to execute a program stored in the storage area.
The confidential data acquisition unit 11 acquires encrypted confidential data. For example, the confidential data acquisition unit 11 acquires the shares that are generated by dividing the confidential data CD, in an encrypted state from the confidential data supply device 3 illustrated in
The non-confidential data acquisition unit 13 acquires unencrypted non-confidential data according to the confidential data. For example, the non-confidential data acquisition unit 13 acquires the non-confidential data NCD according to the shares of the confidential data CD acquired from the confidential data supply device 3 illustrated in
The secret calculation unit 15 executes secret calculation on the basis of the confidential data and the non-confidential data. For example, the secret calculation unit 15 executes the secret calculation on the basis of share data regarding the stock number data and the stock price data stored in the storage unit 19, and calculates the appraised value of a stock. The appraised value of the stock is calculated by multiplying the number of stocks by the stock price for each brand. With this configuration, it is possible to calculate the appraised value of the stock with the confidential information such as the number of stocks of the manager kept confidential.
The output unit 17 outputs the result of the secret calculation in an encrypted state. For example, as illustrated in
The storage unit 19 stores, for example, share data SD regarding shares that are fragments of the confidential data and are generated by the secret distribution on the confidential data, and a secret calculation result R of the secret calculation unit 15.
<Secret calculation processing>
(First example)
A first example of the secret calculation processing according to an embodiment will be described with reference to
(Step S1)
The secret calculation server device 1 illustrated in
(Step S3)
The secret calculation server device 1 acquires unencrypted non-confidential data according to the confidential data. For example, the secret calculation server device 1 acquires stock price data of a brand for which the number of stocks held by the manager is other than “zero” among stock price data of all brands by referring to the brand code.
(Step S5)
The secret calculation server device 1 executes the secret calculation on the basis of the confidential data and the non-confidential data. For example, the secret calculation server device 1 calculates an appraised value in an encrypted state on the basis of the acquired stock number data and the acquired stock price data.
(Step S7)
The secret calculation server device 1 outputs the secret calculation result in an encrypted state.
As described above, according to the first example of the secret calculation processing, the secret calculation server device 1 acquires encrypted stock number data, and acquires unencrypted stock price data according to the stock number data. The secret calculation server device 1 calculates the appraised value of the stock in an encrypted state on the basis of the stock number data and the stock price data, and outputs the secret calculation result in an encrypted state. Therefore, it is possible to improve the security of confidential data and reduce a processing load on the secret calculation.
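The flow of steps S1 to S7, as an added sketch that is not part of the original specification: three servers each multiply their share of the stock numbers by cleartext prices without talking to each other, and only the restoration device recombines the outputs. It assumes additive secret sharing modulo a prime (the text does not name a scheme), brand codes usable as cleartext lookup keys, and constructed holdings and prices; only brand code "4307" comes from the text.

```python
import secrets

# Assumption: additive secret sharing modulo a prime; the page names no scheme.
P = 2**61 - 1

def share(value, n=3):
    """Split value into n random shares that sum to value mod P."""
    parts = [secrets.randbelow(P) for _ in range(n - 1)]
    parts.append((value - sum(parts)) % P)
    return parts

def restore(shares):
    """Calculation result restoration device: recombine X, Y, Z."""
    return sum(shares) % P

def supply(holdings, n=3):
    """Confidential data supply device: one share of each stock number per server."""
    per_server = [{} for _ in range(n)]
    for code, qty in holdings.items():
        for server, part in zip(per_server, share(qty, n)):
            server[code] = part
    return per_server

def server_appraise(my_shares, public_prices):
    """One server (steps S3 to S7): fetch cleartext prices by brand code and
    multiply its own shares by them. A public multiplier needs no
    communication between servers, and the output is still a share."""
    total = 0
    for code, part in my_shares.items():   # only brands that were supplied
        total = (total + part * public_prices[code]) % P
    return total

def appraised_total(holdings, public_prices):
    """Run all servers, then restore; returns (total, per-server outputs)."""
    outputs = [server_appraise(s, public_prices) for s in supply(holdings)]
    return restore(outputs), outputs

# Constructed sample data (integer prices); only brand code "4307" is from the page.
HOLDINGS = {"4307": 400, "0001": 150}
PRICES = {"4307": 2000, "0001": 320, "0002": 75}   # "0002" is not held, never read

if __name__ == "__main__":
    total, outputs = appraised_total(HOLDINGS, PRICES)
    print("per-server outputs:", outputs)
    print("restored appraised value:", total)
```
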
(Second example)
A second example of the secret calculation processing according to an embodiment will be described with reference to
The standard value of the investment trust is obtained by dividing the net asset value by the total number of units of the investment trust (total number of units of beneficial interest). The standard value of the investment trust is expressed as the following equation 1.
Standard value = Net asset value / Total number of units ... (1)
The net asset value is expressed by the following equation 2 using the total appraised value of stocks, the balance to be carried forward, and others (accounts payable, accounts receivable, call loans, and the like).
Net asset value = Total appraised value of stocks + Balance to be carried forward + Others ... (2)
The total appraised value of stocks is the sum of the appraised values of all stocks held. Note that, as described above, the appraised value of the stocks is calculated by multiplying the number of stocks by the stock price for each brand. Hereinafter, as an example, a method of calculating balance to be carried forward will be described with reference to
(Step S11)
The secret calculation server device 1 illustrated in
(Step S13)
The secret calculation server device 1 illustrated in
Regarding the calculation of the trading balance data (T), in a case where the trade flag is “purchased”, the trading balance is “0”, and in a case where the trade flag is “sold”, the trading balance is expressed by the following equation 3. The calculation of the equation 3 is also performed in the secret calculation.
Trading balance (T) = (Book value (T−1) − Sales amount) × Number of stocks traded ... (3)
As illustrated in
(Step S15)
The secret calculation server device 1 illustrated in
Holding number (T) = Holding number (T−1) + Number of stocks traded ... (4)
More specifically, for the holding number (T) of the stocks with the brand code “4307”, the holding number (T) “700” illustrated in
The book value (T) illustrated in
Book value (T) = {Holding number (T−1) × Book value (T−1) + Number of stocks traded × Sales amount} / Holding number (T) ... (5)
More specifically, the book value (T) of the brand code “4307” is calculated as “2571.429” on the basis of the holding number (T−1) “400” and the book value (T−1) “2000” illustrated in
(Step S17)
The secret calculation server device 1 illustrated in
As described above, according to the second example of the secret calculation processing, the secret calculation server device 1 calculates the trading balance data on the basis of the book value data of one or a plurality of stocks and the transaction data of one or a plurality of stocks by using the secret calculation. The secret calculation server device 1 calculates the standard value of the investment trust on the basis of the trading balance data calculated and the appraised value of the stocks calculated. Therefore, even when calculating the standard value of an investment trust constituted by one or a plurality of stocks by the secret calculation, it is possible to improve the security of the confidential data and reduce the processing load on the secret calculation.
As illustrated in
The processor 41 controls the entire computer. The processor 41 corresponds to, for example, the information processing unit 10 of the secret calculation server device 1 illustrated in
The input/output interface 44 performs one or both of presenting information and receiving input of information, and is, for example, a camera, a keyboard, a mouse, a display, a touch panel display, a microphone, a speaker, a temperature sensor, and the like. The communication interface 45 transmits and receives data to and from the various databases (DB) 3, DB5, and DB7 illustrated in
It will be apparent to those skilled in the art that the cooperation of the above exemplified hardware resources and software enables the computer 40 to function as a desired means, perform a desired step, and implement a desired function.
Note that, the embodiment described above is for facilitating understanding of the present invention and is not intended to limit the present invention. The present invention can be modified and improved without departing from the gist of the invention, and equivalents thereof are also included in the present invention. In addition, the present invention can form various disclosures by appropriately combining a plurality of components disclosed in the embodiment described above. For example, some components may be deleted from all the components disclosed in the embodiment. Furthermore, the components may be appropriately combined with a different embodiment.
Unlike the secret calculation system 100 illustrated in
Note that, as described above, the secret calculation system 100 may be embodied so as to use the secret distribution processing or the homomorphic encryption process as the secret calculation, or may adopt another encryption processing as the secret calculation.
Number | Date | Country | Kind |
---|---|---|---|
2020-125547 | Jul 2020 | JP | national |
 | Number | Date | Country |
---|---|---|---|
Parent | PCT/JP2021/027019 | Jul 2021 | US |
Child | 18083683 | | US |