"Blinding", thanks! Is there an algebraic theory of blinding that is sufficiently general to cover both crypto blinding and things like "pre-conditioning" in numerical matrix theory? At 02:16 PM 7/28/2015, Mike Stay wrote:

It's called "blinding" in multiparty secure computation protocols.

On Tue, Jul 28, 2015 at 1:57 PM, Henry Baker <hbaker1@pipeline.com> wrote:

...

There have been proposals down through the years to incorporate checking logic on ALU's to make sure that the calculations were correct. I believe that IBM made some progress along these lines back in the 1960's.

More recently, timing/power/radio/sound emission attacks on encryption have led to computations in which random numbers are inserted early in the calculation, only to later drop out, in order to mask the side-channel information of the actual calculation being performed.

I don't know the precise name for these "masking numbers & calculations", but they fall short of fully homomorphic encryption, which would allow an *arbitrary* but unknown calculation to be performed.

There are also worries of compromised hardware which looks for *specific constants* being used as operands, and upon encountering such operands, the hardware squirrels away some of the other -- presumably private -- data for illicit use.

Some forms of "masked arithmetic" could also reduce the capabilities of this type of compromised hardware.

Are there any papers which develop a theory of "masked arithmetic" which would be substantially simpler (& more efficient) than fully homomorphic encryption?