公开(公告)号：US20170078086A1

公开(公告)日：2017-03-16

申请号：US14191021

申请日：2014-02-26

Applicant: RAYTHEON BBN TECHNOLOGIES CORP.

Inventor： Kurt Ryan Rohloff ,  David Bruce Cousins

IPC: H04L9/06

CPC classification number: H04L9/06 ,  H04L9/008 ,  H04L9/3093

Abstract: A method for encoding encrypted data for further processing includes: receiving an input data vector of length m; splitting the input data vector to k multiple vectors; multiplying each of the multiple vectors by a power of 2 to obtain k number of intermediate vectors; summing the k number of intermediate vectors to obtain a single summed vector; encrypting the single summed vector to obtain an encrypted vector; sending the encrypted vector to an operational unit to have the encrypted vector operated on to obtain a processed encrypted vector; receiving the processed encrypted vector; decrypting the received encrypted vector; dividing the processed decrypted vector by a power of 2, modulus a power of 2 to obtain multiple transitional vectors of the same dynamic range and the same length; and concatenating the multiple transitional vectors to obtain a recovered vector of length m.

Abstract translation: 一种编码用于进一步处理的加密数据的方法包括：接收长度为m的输入数据矢量; 将输入数据向量分解为k个多个向量; 将每个多个向量乘以2的幂，以获得k个中间向量; 对k个中间向量进行求和以获得单个求和向量; 加密单个求和矢量以获得加密矢量; 将加密的向量发送到操作单元以使加密的向量被操作以获得经处理的加密的向量; 接收经处理的加密矢量; 解密所接收的加密矢量; 将处理后的解密矢量除以2的幂，模幂a 2，得到相同动态范围和相同长度的多个过渡向量; 并连接多个过渡向量以获得长度为m的恢复向量。

公开(公告)号：US09628266B2

公开(公告)日：2017-04-18

申请号：US14191021

申请日：2014-02-26

Applicant: RAYTHEON BBN TECHNOLOGIES CORP.

Inventor： Kurt Ryan Rohloff ,  David Bruce Cousins

IPC: H04K1/00 ,  H04L9/00 ,  H04L9/28 ,  H04L9/06

CPC classification number: H04L9/06 ,  H04L9/008 ,  H04L9/3093

Abstract: A method for encoding encrypted data for further processing includes: receiving an input data vector of length m; splitting the input data vector to k multiple vectors; multiplying each of the multiple vectors by a power of 2 to obtain k number of intermediate vectors; summing the k number of intermediate vectors to obtain a single summed vector; encrypting the single summed vector to obtain an encrypted vector; sending the encrypted vector to an operational unit to have the encrypted vector operated on to obtain a processed encrypted vector; receiving the processed encrypted vector; decrypting the received encrypted vector; dividing the processed decrypted vector by a power of 2, modulus a power of 2 to obtain multiple transitional vectors of the same dynamic range and the same length; and concatenating the multiple transitional vectors to obtain a recovered vector of length m.

公开(公告)号：US20150249649A1

公开(公告)日：2015-09-03

申请号：US14194585

申请日：2014-02-28

Applicant: RAYTHEON BBN TECHNOLOGIES CORP.

Inventor： Kurt Ryan Rohloff

IPC: H04L29/06 ,  H04L9/06

CPC classification number: H04L9/3093 ,  H04K1/00 ,  H04L9/008 ,  H04L63/0428 ,  H04L65/403 ,  H04L65/601

Abstract: In a computer implemented method for data privacy in a distributed communication system including a plurality of client terminals, the method includes: receiving, from each of the plurality of client terminals, a group of key switch hints generated by said each of the client terminals, wherein each group of key switch hints include a key switch hint corresponding to each other one of the client terminals; receiving, from each of the client terminals, an encrypted data stream; switching each of the encrypted data streams using the key switch hints corresponding to said each other one of the client terminals to generate a respective switched data set for said each of the encrypted data streams, wherein each switched data set includes a plurality of encrypted data representations of said each of the encrypted data streams; and generating an encrypted output data stream for each of the client terminals using the switched data set for each encrypted data stream.

Abstract translation: 在包括多个客户终端的分布式通信系统中的用于数据隐私的计算机实现方法中，所述方法包括：从所述多个客户终端中的每一个接收由所述每个所述客户终端生成的一组密钥交换机提示， 其中每组密钥交换机提示包括彼此对应的一个客户终端的密钥交换机提示; 从每个客户终端接收加密的数据流; 使用对应于彼此之一的客户端终端的密钥交换机提示来切换每个加密数据流，以生成针对所述每个加密数据流的相应交换数据集，其中每个交换数据集包括多个加密数据表示 的每个加密数据流; 以及使用针对每个加密数据流的切换数据集，为每个客户终端生成加密的输出数据流。

公开(公告)号：US09628450B2

公开(公告)日：2017-04-18

申请号：US14254666

申请日：2014-04-16

Applicant: RAYTHEON BBN TECHNOLOGIES CORP.

Inventor： Kurt Ryan Rohloff

IPC: H04L29/06

CPC classification number: H04L63/0442 ,  H04L63/0428 ,  H04L63/061

Abstract: A method for data privacy in a distributed communication system including a plurality of client terminals merges encrypted streaming data using tree-like encryption key switching and without sharing any private keys in a distributed communication system. The merged data is then sent to client terminals to be further process by respective client terminals.

公开(公告)号：US09369273B2

公开(公告)日：2016-06-14

申请号：US14191035

申请日：2014-02-26

Applicant: RAYTHEON BBN TECHNOLOGIES CORP.

Inventor： Kurt Ryan Rohloff ,  David Bruce Cousins

IPC: H04L29/06 ,  H04L9/00 ,  H04L9/08

CPC classification number: H04L9/008 ,  H04L9/083 ,  H04L63/0457 ,  H04L65/602 ,  H04L65/608

Abstract: A method for data privacy in a VoIP system includes: generating a private key for an additive homomorphic encryption scheme; sending the private key to a plurality of client terminals to be used by each of the plurality of client terminals to encrypt a respective VoIP streaming data; receiving an encrypted VoIP streaming data from each of the plurality of client terminals, wherein each of the VoIP streaming data is encrypted using the same private key; performing an encrypted homomorphic addition on the encrypted VoIP streaming data to generate a mixed encrypted VoIP data stream; and sending the mixed encrypted VoIP data stream to the plurality of client terminals to be played back.

Abstract translation: 一种用于VoIP系统中的数据隐私的方法包括：产生用于加法同态加密方案的私钥; 向所述多个客户端终端发送所述私钥以由所述多个客户终端中的每一个使用以对相应的VoIP流数据进行加密; 从所述多个客户终端中的每一个接收加密的VoIP流数据，其中每个所述VoIP流数据使用相同的私钥进行加密; 对加密的VoIP流数据执行加密的同态加法以产生混合加密的VoIP数据流; 并将混合的加密VoIP数据流发送到要重放的多个客户终端。

公开(公告)号：US09338144B2

公开(公告)日：2016-05-10

申请号：US14184552

申请日：2014-02-19

Applicant: RAYTHEON BBN TECHNOLOGIES CORP.

Inventor： Kurt Ryan Rohloff

IPC: H04L9/32 ,  H04L29/06

CPC classification number: H04L63/0428 ,  G09C1/00 ,  H04L9/008 ,  H04L9/302 ,  H04L9/3093 ,  H04L63/0442 ,  H04L65/607

Abstract: Method for data privacy in a distributed communication system includes: receiving first and second encrypted data from first and second client terminals, each having a different data representation; analyzing the first and second data representations to determine a common data representation; translating the first and second encrypted data to a shared data representation using the common data representation; performing operations on the first encrypted data and second encrypted data to generate a first and second operated encrypted data; reverting the first operated encrypted data back to said first data representation and sending the reverted first encrypted date to the first client terminal for decryption by the first client terminal; and reverting the second operated encrypted data back to said second data representation and sending the reverted second encrypted date to the second client terminal for decryption by the second client terminal.

Abstract translation: 在分布式通信系统中的数据保密方法包括：从第一和第二客户端接收第一和第二加密数据，每个具有不同的数据表示; 分析第一和第二数据表示以确定公共数据表示; 使用公共数据表示将第一和第二加密数据转换成共享数据表示; 对第一加密数据和第二加密数据执行操作以生成第一和第二操作的加密数据; 将第一操作的加密数据恢复回所述第一数据表示，并将所述恢复的第一加密日期发送到所述第一客户终端以供所述第一客户端终端解密; 以及将所述第二操作的加密数据恢复回所述第二数据表示，并将所述恢复的第二加密日期发送到所述第二客户端，以供由所述第二客户终端进行解密。

公开(公告)号：US09313181B2

公开(公告)日：2016-04-12

申请号：US14194585

申请日：2014-02-28

Applicant: RAYTHEON BBN TECHNOLOGIES CORP.

Inventor： Kurt Ryan Rohloff

IPC: H04L29/06 ,  H04K1/00 ,  H04L9/00 ,  H04L9/30

CPC classification number: H04L9/3093 ,  H04K1/00 ,  H04L9/008 ,  H04L63/0428 ,  H04L65/403 ,  H04L65/601

Abstract: In a computer implemented method for data privacy in a distributed communication system including a plurality of client terminals, the method includes: receiving, from each of the plurality of client terminals, a group of key switch hints generated by said each of the client terminals, wherein each group of key switch hints include a key switch hint corresponding to each other one of the client terminals; receiving, from each of the client terminals, an encrypted data stream; switching each of the encrypted data streams using the key switch hints corresponding to said each other one of the client terminals to generate a respective switched data set for said each of the encrypted data streams, wherein each switched data set includes a plurality of encrypted data representations of said each of the encrypted data streams; and generating an encrypted output data stream for each of the client terminals using the switched data set for each encrypted data stream.

Abstract translation: 在包括多个客户终端的分布式通信系统中的用于数据隐私的计算机实现方法中，所述方法包括：从所述多个客户终端中的每一个接收由所述每个所述客户终端生成的一组密钥交换机提示， 其中每组密钥交换机提示包括彼此对应的一个客户终端的密钥交换机提示; 从每个客户终端接收加密的数据流; 使用对应于彼此之一的客户端终端的密钥交换机提示来切换每个加密数据流，以生成针对所述每个加密数据流的相应交换数据集，其中每个交换数据集包括多个加密数据表示 的每个加密数据流; 以及使用针对每个加密数据流的切换数据集，为每个客户终端生成加密的输出数据流。

公开(公告)号：US20150244516A1

公开(公告)日：2015-08-27

申请号：US14191035

申请日：2014-02-26

Applicant: RAYTHEON BBN TECHNOLOGIES CORP.

Inventor： Kurt Ryan Rohloff ,  David Bruce Cousins

IPC: H04L9/00 ,  H04L9/14 ,  H04L29/06

CPC classification number: H04L9/008 ,  H04L9/083 ,  H04L63/0457 ,  H04L65/602 ,  H04L65/608

Abstract: A method for data privacy in a VoIP system includes: generating a private key for an additive homomorphic encryption scheme; sending the private key to a plurality of client terminals to be used by each of the plurality of client terminals to encrypt a respective VoIP streaming data; receiving an encrypted VoIP streaming data from each of the plurality of client terminals, wherein each of the VoIP streaming data is encrypted using the same private key; performing an encrypted homomorphic addition on the encrypted VoIP streaming data to generate a mixed encrypted VoIP data stream; and sending the mixed encrypted VoIP data stream to the plurality of client terminals to be played back.

Abstract translation: 一种用于VoIP系统中的数据隐私的方法包括：产生用于加法同态加密方案的私钥; 向所述多个客户端终端发送所述私钥以由所述多个客户终端中的每一个使用以对相应的VoIP流数据进行加密; 从所述多个客户终端中的每一个接收加密的VoIP流数据，其中每个所述VoIP流数据使用相同的私钥进行加密; 对加密的VoIP流数据执行加密的同态加法以产生混合加密的VoIP数据流; 并将混合的加密VoIP数据流发送到要重放的多个客户终端。

公开(公告)号：US20150237019A1

公开(公告)日：2015-08-20

申请号：US14184541

申请日：2014-02-19

Applicant: RAYTHEON BBN TECHNOLOGIES CORP.

Inventor： Kurt Ryan Rohloff

IPC: H04L29/06

CPC classification number: H04L63/0428 ,  H04L63/06 ,  H04L63/061

Abstract: A method for data privacy in a distributed communication system, in which a plurality of client terminals are arranged in a ring configuration merges encrypted streaming data using circular encryption key switching and without sharing any private keys in a distributed communication system. The merged data is then sent to client terminals to be further process by respective client terminals.

Abstract translation: 一种分布式通信系统中的数据隐私的方法，其中多个客户终端以环形配置排列，使用循环加密密钥交换来合并加密的流数据，并且在分布式通信系统中不共享任何私钥。 然后将合并的数据发送到客户终端，以由相应的客户终端进一步处理。

公开(公告)号：US09461974B2

公开(公告)日：2016-10-04

申请号：US14194597

申请日：2014-02-28

Applicant: RAYTHEON BBN TECHNOLOGIES CORP.

Inventor： Kurt Ryan Rohloff

IPC: H04L29/06 ,  H04K1/00 ,  H04L9/00 ,  H04L9/30

CPC classification number: H04L63/0471 ,  H04K1/00 ,  H04L9/008 ,  H04L9/3093 ,  H04L63/0428

Abstract: In a computer implemented method for data privacy in a distributed communication system, the method includes: storing a plurality of secret keys, each secret key for a respective one of a plurality of client terminals; identifying a mixer key; generating a plurality of key switch hints for the client terminals, each of the key switch hints generated for a respective client terminal of the client terminals, using the mixer key and a respective secret key for each respective client terminal; sending the key switch hints to a mixer; switching a first encrypted data stream received from a first client terminal of the client terminals to an encrypted output data stream using the key switch hints; and sending the encrypted output data stream to a receiving client terminal of the client terminals to be decrypted by the receiving client terminal.

Abstract translation: 在分布式通信系统中用于数据保密的计算机实现方法中，所述方法包括：存储多个秘密密钥，每个密钥用于多个客户终端中的相应一个; 识别混音键; 为客户终端产生多个密钥交换机提示，使用混合密钥和每个相应客户终端的相应秘密密钥为客户端终端的相应客户终端生成每个密钥交换机提示; 将密钥交换机提示发送到混音器; 使用所述密钥交换机提示将从所述客户终端的第一客户终端接收的第一加密数据流切换到加密的输出数据流; 并将加密的输出数据流发送到接收客户终端要解密的客户终端的接收客户终端。