SYSTEM AND METHOD FOR MERGING ENCRYPTION DATA WITHOUT SHARING A PRIVATE KEY

摘要

A method for data privacy in a distributed communication system including a plurality of client terminals merges encrypted streaming data using tree-like encryption key switching and without sharing any private keys in a distributed communication system. The merged data is then sent to client terminals to be further process by respective client terminals.

主权项

1. A computer implemented method for data privacy in a distributed communication system including a plurality of client terminals, the method comprising:
receiving by a second client terminal of the plurality of client terminals, a first public key from a first client terminal of the plurality of client terminals; generating a second/first key switch hint for the first client terminal, by the second client terminal, using the first public key and a second private key of the second client terminal; transmitting the second/first key switch hint and second encryption data from the second client terminal to a mixer; receiving by a fourth client terminal of the plurality of client terminals, a third public key from a third client terminal of the plurality of client terminals; generating a fourth/third key switch hint for the third client terminal, by the fourth client terminal, using the third public key and a fourth private key of the fourth client terminal; transmitting the fourth/third key switch hint and fourth encryption data from the fourth client terminal to the mixer; receiving by the third client terminal, the first public key from the first client terminal; generating a third/first key switch hint for the first client terminal, by the third client terminal, using the first public key and a third private key of the third client terminal; transmitting the third/first key switch hint from the third client terminal to the mixer; using, by the mixer, the second/firth key switch hint and the second encrypted data from the second client terminal to switch the second encrypted data to generate first switched encrypted data; adding, by the mixer, the first switched encrypted data to the first encryption data received from the first client terminal to output first summed encrypted data; using, by the mixer, the fourth/third key switch hint and the third encrypted data from the third client terminal to switch the fourth encrypted data to generate second switched encrypted data; adding, by the mixer, the second switched encrypted data to the third encryption data received from the third client terminal to output second summed encrypted data; using, by the mixer, the third/first key switch hint and the second summed encrypted data to switch the second summed encrypted data to generate third switched encrypted data; adding, by the mixer, the third switched encrypted data to the first summed encrypted data to output third summed encrypted data; and transmitting the third summed encrypted data to the first client terminal to be decrypted by the first client terminal.