-
公开(公告)号:US12192342B2
公开(公告)日:2025-01-07
申请号:US17916871
申请日:2022-03-07
Applicant: Google LLC
Inventor: Gang Wang , Sarvar Patel , Marcel M. Moti Yung , Karn Seth , Kevin Wei Li Yeo , Benjamin Kreuter , Mariana Raykova , Tancrède Lepoint
IPC: H04L9/08
Abstract: This document relates to using secure MPC to select digital components in ways that preserve user privacy and protects the security of data of each party that is involved in the selection process. In one aspect, a method includes receiving, by a first computing system of a secure MPC system and from a client device, a digital component request and a nonce. The first computing system generates, based on the nonce and a function, an array including a share of a Bloom filter representing user group identifiers for user groups that include a user of the client device as a member. For each of multiple user group identifiers, the first computing system calculates, in collaboration with one or more second computing systems of the secure MPC system and using the array, a respective first secret share of one or more user group membership condition parameters.
-
公开(公告)号:US12141315B2
公开(公告)日:2024-11-12
申请号:US18159674
申请日:2023-01-25
Applicant: Google LLC
Inventor: Kevin Yeo , Sarvar Patel , Giuseppe Persiano
Abstract: A method for sharing read access to a document stored on memory hardware. The method includes receiving a shared read access command from a sharor sharing read access to a sharee for a document stored on memory hardware in communication with the data processing hardware, and receiving a shared read access request from the sharee. The shared read access command includes an encrypted value and a first cryptographic share value based on a write key, a read key, a document identifier, and a sharee identifier. The method also includes multiplying the first and second cryptographic share values to determine a cryptographic read access value. The cryptographic read access value authorizes read access to the sharee for the document. The method also includes storing a read access token for the sharee including the cryptographic read access value and the encrypted value in a user read set of the memory hardware.
-
公开(公告)号:US12050579B2
公开(公告)日:2024-07-30
申请号:US18149085
申请日:2022-12-31
Applicant: Google LLC
Inventor: Kevin Yeo , Sarvar Patel , Giuseppe Persiano , Mariana Raykova
CPC classification number: G06F16/2255 , G06F3/0604 , G06F3/064 , G06F3/0644 , G06F3/0659 , G06F3/0673 , G06F21/10 , G06F21/78 , H04L67/10
Abstract: A method includes executing an instruction to execute a query for a data block, the data block associated with a corresponding memory level of a logarithmic number of memory levels (li) of memory, each memory level (li) including physical memory (RAMi) residing on memory hardware of a distributed system. The method also includes retrieving a value associated with the data block from an oblivious hash table using a corresponding key, and extracting un-queried key value pairs from the oblivious hash table associated with un-queried data blocks after executing a threshold number of queries for data blocks. The method also includes a multi-array shuffle routine on the extracted key value pairs from the oblivious hash table to generate an output array containing the un-queried key value pairs.
-
公开(公告)号:US11962687B2
公开(公告)日:2024-04-16
申请号:US17298893
申请日:2019-12-04
Applicant: Google LLC
Inventor: Sarvar Patel , Marcel M. M. Yung , Gang Wang , Karn Seth , Mariana Raykova , Benjamin R. Kreuter , Ananth Raghunathan
CPC classification number: H04L9/085 , H04L9/0869 , H04L9/32 , H04L2209/50
Abstract: A method including at each of a number of client devices receiving a data item, receiving a public key from a second computing system, encrypting the data item using the public key to produce a singly encrypted data item, engaging in an oblivious pseudorandom function protocol with a first computing system using the singly encrypted data item to produce a seed, generating an encrypted secret share using a threshold secret sharing function under which the encrypted secret share cannot be decrypted until a threshold number of encrypted secret shares associated with the same singly encrypted data item are received, and transmitting the encrypted secret share to the first computing system and at the first computing system receiving a number of encrypted secret shares from the number of client devices, processing the number of encrypted secret shares to produce processed data, and transmitting the processed data to a second computing system.
-
公开(公告)号:US20230274007A1
公开(公告)日:2023-08-31
申请号:US18312556
申请日:2023-05-04
Applicant: Google LLC
Inventor: Kevin Yeo , Sarvar Patel , Giuseppe Persiano
CPC classification number: G06F21/602 , G06F21/6227 , H04L9/0894 , G06F2221/2107 , G06F2221/0751
Abstract: A method for providing response-hiding searchable encryption includes receiving a search query for a keyword from a user device associated with a user. The keyword appears in one or more encrypted documents within a corpus of encrypted documents stored on an untrusted storage device. The method also includes accessing a document oblivious key-value storage (OKVS) to obtain a list of document identifiers associated with the keyword. Each document identifier in the list of document identifiers associated with a respective keyword identifier is concatenated with the keyword and uniquely identifies a respective one of the one or more encrypted documents that the keyword appears in. The method also includes returning the list of document identifiers obtained from the document OKVS to the user device.
-
公开(公告)号:US11743034B2
公开(公告)日:2023-08-29
申请号:US17567208
申请日:2022-01-03
Applicant: Google LLC
Inventor: Shobhit Saxena , Benjamin Kreuter , Sarvar Patel , Karn Seth
CPC classification number: H04L9/0838 , G06F9/44 , G06F21/6254 , H04L9/008 , H04L9/083 , H04L9/0844 , H04L9/32 , H04L63/06 , H04L9/30 , H04L9/3013 , H04L9/3066
Abstract: Systems and methods may be used for establishing a link between user identifiers of different systems without disclosing specific user identifying information. One method includes generating a matching relationship based on double encrypted one or more first data sets of a first party system and double encrypted one or more second data sets of a second party system. The matching relationship indicates one or more links between match keys associated with the first party system and the match keys associated with the third party system. The method includes assigning bridge identifiers for user identifiers associated with the first party system and the user identifiers associated with the third party system based on the matching relationship.
-
公开(公告)号:US20230185960A1
公开(公告)日:2023-06-15
申请号:US18167490
申请日:2023-02-10
Applicant: Google LLC
Inventor: Sarvar Patel , Kevin Yeo , Giuseppe Persiano
CPC classification number: G06F21/6245 , G06F17/16 , G06F21/602 , H04L9/008
Abstract: A method includes initializing a client state on a client device be executing a private batched sum retrieval instruction to compute c sums O of data blocks from an untrusted storage device. Each computed sum O stored on memory hardware of the client device and including a sum of a corresponding subset S of exactly k data blocks. The method also includes a query instruction to retrieve a query block Bq stored on the untrusted storage device by iterating through each of the c sums O of data blocks to identify one of the c sums O that does not include the query block Bq, instructing a service to pseudorandomly partition the untrusted storage device into partitions and sum the data blocks in each partition to determine a corresponding encrypted data block sum.
-
公开(公告)号:US20230169201A1
公开(公告)日:2023-06-01
申请号:US18159674
申请日:2023-01-25
Applicant: Google LLC
Inventor: Kevin Yeo , Sarvar Patel , Gluseppe Persiano
CPC classification number: G06F21/6227 , H04L9/085 , H04L63/10 , H04L63/062 , H04L63/0435 , H04L9/3234 , H04L9/0631 , H04L9/0866 , H04L9/0819 , H04L9/0894 , H04L63/08
Abstract: A method for sharing read access to a document stored on memory hardware. The method includes receiving a shared read access command from a sharor sharing read access to a sharee for a document stored on memory hardware in communication with the data processing hardware, and receiving a shared read access request from the sharee. The shared read access command includes an encrypted value and a first cryptographic share value based on a write key, a read key, a document identifier, and a sharee identifier. The method also includes multiplying the first and second cryptographic share values to determine a cryptographic read access value. The cryptographic read access value authorizes read access to the sharee for the document. The method also includes storing a read access token for the sharee including the cryptographic read access value and the encrypted value in a user read set of the memory hardware.
-
公开(公告)号:US20230155820A1
公开(公告)日:2023-05-18
申请号:US17916871
申请日:2022-03-07
Applicant: Google LLC
Inventor: Gang Wang , Sarvar Patel , Marcel M. Moti Yung , Karn Seth , Kevin Wei Li Yeo , Benjamin Kreuter , Mariana Raykova , Tancrède Lepoint
IPC: H04L9/08
CPC classification number: H04L9/085 , H04L2209/466
Abstract: This document relates to using secure MPC to select digital components in ways that preserve user privacy and protects the security of data of each party that is involved in the selection process. In one aspect, a method includes receiving, by a first computing system of a secure MPC system and from a client device, a digital component request and a nonce. The first computing system generates, based on the nonce and a function, an array including a share of a Bloom filter representing user group identifiers for user groups that include a user of the client device as a member. For each of multiple user group identifiers, the first computing system calculates, in collaboration with one or more second computing systems of the secure MPC system and using the array, a respective first secret share of one or more user group membership condition parameters.
-
公开(公告)号:US11621828B1
公开(公告)日:2023-04-04
申请号:US17448565
申请日:2021-09-23
Applicant: Google LLC
Inventor: Kevin Yeo , Joon Young Seo , Sarvar Patel
Abstract: A method includes obtaining, from a server, a filter including a set of encrypted identifiers each encrypted with a server key controlled by the server. The method includes obtaining a request that requests determination of whether a query identifier is a member of a set of identifiers corresponding to the set of encrypted identifiers. The method also includes transmitting an encryption request to the server that requests the server to encrypt the query identifier. The method includes receiving, from the server, an encrypted query identifier including the query identifier encrypted by the server key and determining, using the filter, whether the encrypted query identifier is not a member of the set of encrypted identifiers. When the encrypted query identifier is not a member of the set of encrypted identifiers, the method includes reporting that the query identifier is not a member of the set of identifiers.
-
-
-
-
-
-
-
-
-