ENCRYPTED SEARCH CLOUD SERVICE WITH CRYPTOGRAPHIC SHARING

    公开(公告)号:US20250045448A1

    公开(公告)日:2025-02-06

    申请号:US18923613

    申请日:2024-10-22

    Applicant: Google LLC

    Abstract: A method for sharing read access to a document stored on memory hardware. The method includes receiving a shared read access command from a sharor sharing read access to a sharee for a document stored on memory hardware in communication with the data processing hardware, and receiving a shared read access request from the sharee. The shared read access command includes an encrypted value and a first cryptographic share value based on a write key, a read key, a document identifier, and a sharee identifier. The method also includes multiplying the first and second cryptographic share values to determine a cryptographic read access value. The cryptographic read access value authorizes read access to the sharee for the document. The method also includes storing a read access token for the sharee including the cryptographic read access value and the encrypted value in a user read set of the memory hardware.

    ENCRYPTED INFORMATION RETRIEVAL
    52.
    发明申请

    公开(公告)号:US20250013774A1

    公开(公告)日:2025-01-09

    申请号:US18896152

    申请日:2024-09-25

    Applicant: Google LLC

    Abstract: Encrypted information retrieval can include generating a database that is partitioned into shards each having a shard identifier, and database entries in each shard that are partitioned into buckets having a bucket identifier. A batch of client-encrypted queries are received. The batch of client-encrypted queries are processed using a set of server-encrypted data stored in a database. The processing includes grouping the client-encrypted queries according to shard identifiers of the client-encrypted queries, executing multiple queries in the group of client-encrypted queries for the shard together in a batch execution process, and generating multiple server-encrypted results to the multiple queries in the group of client-encrypted queries. The multiple server-encrypted results for each shard are transmitted to the client device.

    Encrypted information retrieval
    53.
    发明授权

    公开(公告)号:US12135811B2

    公开(公告)日:2024-11-05

    申请号:US18008554

    申请日:2022-06-14

    Applicant: Google LLC

    Abstract: Encrypted information retrieval can include generating a database that is partitioned into shards each having a shard identifier, and database entries in each shard that are partitioned into buckets having a bucket identifier. A batch of client-encrypted queries are received. The batch of client-encrypted queries are processed using a set of server-encrypted data stored in a database. The processing includes grouping the client-encrypted queries according to shard identifiers of the client-encrypted queries, executing multiple queries in the group of client-encrypted queries for the shard together in a batch execution process, and generating multiple server-encrypted results to the multiple queries in the group of client-encrypted queries. The multiple server-encrypted results for each shard are transmitted to the client device.

    Oblivious access with differential privacy

    公开(公告)号:US11727124B2

    公开(公告)日:2023-08-15

    申请号:US16623311

    申请日:2018-01-12

    Applicant: Google LLC

    Abstract: A method executing an instruction (300) to execute a query (q) for a data block (102) and determining whether the data block is stored in a block stash (370). When the data block is stored in the block stash during a download phase, the method includes removing the data block from the block stash, sending a fake query (304) to a distributed system (140) to retrieve a random data block stored in memory (114) of a distributed system (140), and discarding the random data block. When a current version of the data block is stored in the block stash during an overwrite phase, the method includes sending a fake query to the distributed system to retrieve another random data block stored in the memory of the distributed system, decrypting and re-encrypting the random data block with fresh randomness, and re-uploading the re-encrypted random data block onto the distributed system.

    Encrypted aggregated transaction data exchange with transaction data provider

    公开(公告)号:US11055706B2

    公开(公告)日:2021-07-06

    申请号:US14660204

    申请日:2015-03-17

    Applicant: Google LLC

    Abstract: Aggregated transaction data from a transaction data provider may be encrypted and exchanged with a content item selection system using commutative encryption algorithms. The transaction data provider and content item selection system may utilize a set of common identifiers that are each encrypted using a respective commutative encryption algorithm of the transaction data provider or content item selection system. The other of the transaction data provider or content item selection system encrypts the single-encrypted common identifier using a respective commutative encryption algorithm to generate double encrypted common identifiers. The double encrypted common identifiers may be used to match a set of common identifiers with transaction data. The transaction data may be encrypted and/or may include random offset values.

    Encrypted Search with a Public Key
    58.
    发明申请

    公开(公告)号:US20210184840A1

    公开(公告)日:2021-06-17

    申请号:US16712487

    申请日:2019-12-12

    Applicant: Google LLC

    Abstract: A method for searchable encryption with a public key includes receiving an operation request front a user device associated with a user requesting that encryption of data associated with the user. The data includes a corpus of documents stored on a remote storage device. The method also includes receiving a public key associated with the user. The public key includes an asymmetric cryptographic public key. The method also includes generating a random data key. The data key includes a symmetric cryptographic key. The method also includes encrypting, using the data key, a search index for the corpus of documents based on keywords within the corpus of documents. The method also includes encrypting, using the public key, the data key and sending the encrypted data key to a user device associated with the user.

    Encrypted Search System Design for Email Client-Side Encryption

    公开(公告)号:US20210182408A1

    公开(公告)日:2021-06-17

    申请号:US16713872

    申请日:2019-12-13

    Applicant: Google LLC

    Abstract: A method for providing an encrypted search system includes receiving a search query for a keyword that appears in one or more encrypted emails stored on an untrusted storage device and accessing, a count table to obtain a count of unique emails within the emails that include the keyword. The method also includes generating a delegatable pseudorandom function (DPRF) based on the keyword, a private cryptographic key, and the count of unique emails that include the keyword and delegating at least a portion of the DPRF to the untrusted storage device that causes the storage device to evaluate the delegated DPRF, access an encrypted search index associated with the emails, and determine one or more encrypted emails associated with the delegated DPRF based on the encrypted search index. The storage device also returns, to the user device, an identifier for each encrypted email associated with the delegated DPRF.

Patent Agency Ranking