Secure computer evaluation of decision trees

What is claimed is: 1. A computer system comprising: a server computer, comprising a processor, memory connected to the processor to allow access by the processor to data stored in the memory, persistent storage connected to the processor to allow access by the processor to data stored in the persistent storage, a network interface connected to the processor and the memory to allow access by the server computer to a computer network and to allow the server computer to communicate messages over the computer network to and from user devices, and computer program instructions stored in at least one of the memory and persistent storage of the server computer that, when processed by the processor, instruct the processor to: receive, from a user device over the computer network and through the network interface, an encrypted input vector, wherein the input vector is encrypted using a public key related to the user device in an additively-homomorphic public-key encryption scheme; store the received encrypted input vector received from a user device in the memory; engage in a comparison protocol, using the processor, in which the encrypted input vector is compared to thresholds associated with decision nodes of a decision tree, so as to generate in the memory encrypted results of the comparison protocol, wherein the encrypted results represent a decision string comprising a first part accessible to the user device and a second part accessible by the server computer; transmit the first part of the encrypted results to the user device through the network interface and over the computer network; receive a request from the user device, over the computer network and through the network interface, for a value from a decision tree database corresponding to the first part of the encrypted results; obtain, using the processor, the value from the decision tree database using the request and the second part of the encrypted results; transmit, through the network interface and over the computer network, the value from the decision tree database in encrypted form to the user device; and wherein the user device is operative to decrypt the transmitted value from the decision tree database to provide a classification of the encrypted input vector at the user device. 2. The computer system of claim 1 , wherein engaging in the comparison protocol includes effectively randomizing the decision tree. 3. The computer system of claim 2 , wherein engaging in the comparison protocol comprises: generating a decision string as a result of evaluating the decision tree; randomizing the decision string. 4. The computer system of claim 3 , wherein generating the decision string includes computing an encrypted comparison result for each decision node. 5. The computer system of claim 2 , wherein engaging in the comparison protocol includes randomizing the decision tree. 6. The computer system of claim 5 , wherein engaging in the comparison protocol further comprises computing an encrypted comparison result for each decision node as a function of a conditional value known to the server computer. 7. The computer system of claim 6 , wherein engaging in the comparison protocol further comprises computing keys for transmission to the user device, wherein the keys define an encryption of results of the decision tree. 8. The computer system of claim 7 , wherein the keys comprises a set of keys, each key being associated with an edge of the decision tree, and wherein engaging in the comparison protocol further comprises transmitting the keys to the user device such that each key is retrievable by the user device only if the edge associated with the key corresponds to a true comparison result between the input device decision nodes in the decision tree. 9. A computer implemented process performed by a server computer, comprising a processor, memory connected to the processor to allow access by the processor to data stored in the memory, persistent storage connected to the processor to allow access by the processor to data stored in the persistent storage, a network interface connected to the processor and the memory to allow access by the server computer to a computer network and to allow the server computer to communicate messages over the computer network to and from user devices, and computer program instructions stored in at least one of the memory and persistent storage of the server computer that, when processed by the processor, instruct the processor to perform a process comprising: receiving an encrypted input vector from a user device over the computer network and through the network interface; storing the receive encrypted input vector in the memory; engaging in a comparison protocol, using the processor, in which the encrypted input vector is compared to thresholds associated with decision nodes of a decision tree, so as to generate in the memory encrypted results of the comparison protocol, wherein the encrypted results represent a decision string comprising a first part accessible to the user device and a second part accessible by the server computer; transmitting the first part of the encrypted results to the user device through the network interface and over the computer network; receiving a request from the user device, over the computer network and through the network interface, for a value from a decision tree database corresponding to the first part of the encrypted results; obtaining, using the processor, the value from the decision tree database using the request and the second part of the encrypted results; transmitting, through the network interface and over the computer network, the value from the decision tree database in encrypted form to the user device; and the user device decrypting the transmitted value from the decision tree database to provide a classification of the encrypted input vector at the user device. 10. The computer implemented process of claim 9 , wherein engaging in the comparison protocol includes effectively randomizing the decision tree. 11. The computer implemented process of claim 10 , wherein engaging in the comparison protocol comprises: generating a decision string as a result of evaluating the decision tree; randomizing the decision string. 12. The computer implemented process of claim 11 , wherein generating the decision string includes computing an encrypted comparison result for each decision node. 13. The computer implemented process of claim 10 , wherein engaging in the comparison protocol includes randomizing the decision tree. 14. The computer implemented process of claim 13 , wherein engaging in the comparison protocol further comprises computing an encrypted comparison result for each decision node as a function of a conditional value. 15. The computer implemented process of claim 14 , wherein the keys comprises a set of keys, each key being associated with an edge of the decision tree, and wherein engaging in the comparison protocol further comprises transmitting the keys to the user device such that each key is retrievable by the user device only if the edge associated with the key corresponds to a true comparison result between the input device decision nodes in the decision tree. 16. An article of manufacture comprising: computer storage having computer program instructions stored in the computer storage, that, when executed by a computer having a processor, memory connected to the processor to allow access by the processor to data stored in the memory, and persistent storage connected to the processor to allow access by the processor to data stored in the persiste