Searching Over Encrypted Model and Encrypted Data Using Secure Single-and Multi-Party Learning Based on Encrypted Data

What is claimed is: 1 . A method, comprising: creating and training by a computer system machine learning models using training data from users to create corresponding trained machine learning models, the training data in fully homomorphic encryption (FHE) domains, each FHE domain corresponding to an individual one of the users; running by the computer system the trained machine learning models to perform inferencing using other data from at least one of the users, the running determining results, the other data being in a corresponding FHE domain of the at least one user; determining, by the computer system and using at least the results, which of the following issues is true: the results comprise objectionable material, or at least one of the trained machine learning models performs prohibited release of information; and taking one or more actions to take to address the issue determined to be true. 2 . The method of claim 1 , wherein: the method further comprises, prior to creating and training the machine learning models: curating by the computer system the training data to comprise data and label pairs of objectionable material; directing by the computer system the at least one user to encrypt the curated training data into the corresponding FHE domain of the at least one user; the creating and training comprises training a single machine learning model using the encrypted training data to develop a single trained machine learning model; the running comprises running the single trained machine learning model to perform inferencing using the other data from the at least one user; wherein the determining which of the following issues is true further comprises: directing by the computer system the at least one user to decrypt the results into cleartext and to release the cleartext results; determining by the computer system whether any of the cleartext results are objectionable material; and determining an issue of the cleartext results comprise objectionable material is true; the taking one or more actions further comprises taking, in response to the cleartext results comprising objectionable material, one or more actions regarding the objectionable material. 3 . The method of claim 2 , wherein the one or more actions comprise one or more of suspending the at least one user's use of the model, alerting authorities to the objectionable material, or removing the objectionable material from storage. 4 . The method of claim 2 , wherein the directing by the computer system the at least one user to release the cleartext results directs the at least one user to release the cleartext results to the computer system. 5 . The method of claim 2 , wherein: the at least one user is multiple users; the directing the at least one user to encrypt the training data into an FHE domain of the at least one user further comprises directing the multiple users to encrypt the training data into corresponding FHE domains of the multiple users; the training trains a combined machine learning model using the encrypted training data to develop a trained combined machine learning model; the running comprises running by the computer system the trained machine learning model on other data from the multiple users to determine results, the other data being in corresponding FHE domains of the multiple users; and the directing the at least one user to decrypt the results into cleartext and to release the cleartext results further comprises directing by the computer system one or more of the multiple users to decrypt the results into cleartext and to release the cleartext results. 6 . The method of claim 5 , wherein the training further comprises: providing the training data to the combined machine learning model to determine a corresponding plurality of locally learned outputs, each of the locally learned outputs in an FHE domain of a corresponding one of the multiple users; coordinating a conversion of the locally learned outputs in the FHE domains into a multiparty FHE (MFHE) domain, where each converted locally learned output is encrypted by all of the multiple users; aggregating the converted locally learned outputs into a composite output in the MFHE domain; coordinating a conversion of the composite output in the MFHE domain into the FHE domains of the corresponding multiple users to create converted composite outputs, where each converted composite output is encrypted by only a respective one of the multiple users; and updating the combined machine learning model based on the plurality of converted composite outputs. 7 . The method of claim 1 , wherein: creating and training by a computer system machine learning models further comprises: creating and training by the computer system N machine learning models that when applied to particular training data will release information that is believed to be prohibited by release, where N is at least 1, wherein the N machine learning models use training data in the FHE domains corresponding to the at least one user; and creating a machine learning model for the at least one user; the running comprises running the machine learning model for at least one user and running the N models on other data from the at least one user to create the results, the other data encrypted in an FHE domain corresponding to the at least one user; the determining which of the following issues is true further comprises: comparing the results between the model for the at least one user and the N models; determining the model of the at least one user might be performing prohibited release of information based on statistically significant results in the comparison of the results; and determining an issue of the model of the at least one user performs prohibited release of information is true; the taking one or more actions comprises addressing the prohibited release of information at least with the at least one user. 8 . The method of claim 7 , wherein the prohibited release of information is further addressed with one or both of an auditor or regulator. 9 . The method of claim 7 , further comprising, in response to the at least one user requesting a new machine learning model be developed, creating the new machine learning model and wherein the new machine learning model is used for the running the model of the at least one user on the other data from the at least one user to create the results. 10 . The method of claim 7 , further comprising testing the N models at least by: curating by the computer system training data having the particular data with the information that if released would be prohibited by its release; directing by the computer system the at least one user to encrypt the training data in a corresponding FHE domain of the at least one user; running by the computer system the N models on the encrypted data and determining corresponding results; directing the at least one user to decrypt the results into plaintext; and checking that prohibited information has been released for one or more of the N models. 11 . The method of claim 10 , wherein the testing further comprises revising the one or more of the N models that did not release prohibited information, running by the computer system the one or more of the N models that did not release prohibited information on the encrypted data and determining corresponding results, directing the at least one user to decrypt the results into plaintext, and checking that prohibited information has been released for the one or more of the N models that did not release prohibited information. 12 . A computer system comprising: a memory comprising program code;