公开(公告)号：US20180218168A1

公开(公告)日：2018-08-02

申请号：US15419726

申请日：2017-01-30

Applicant: Google Inc.

Inventor： Vinay Goel ,  Philip Mcdonnell ,  Sachin Kulkarni ,  Anshul Gupta ,  Shobhit Saxena ,  Patrick McDonald ,  Thai Duong ,  Mihaela Ion ,  Benjamin Kreuter ,  Sarvar Patel ,  Karn Seth

IPC: G06F21/62 ,  H04L9/06 ,  G06F17/30

Abstract: A method for linking user identifiers. The method includes receiving, by a linking server and from a company server, a first data structure comprising entries. Each entry comprising a user tag, a first hashed user information, and a second hashed user information. The method includes receiving, by a linking server and from a partner server, a second data structure comprising entries. Each entry comprising a bridge tag, a first hashed bridge information, and a second hashed bridge information. The method includes retrieving, by the linking server and from the first data structure, a first entry of the entries and retrieving, by the linking server and from the second data structure, a first entry of the entries. The method includes linking the user tag of the first entry of the first data structure to the bridge tag of the first entry of the second data structure to generate a first linkage.

公开(公告)号：US09641318B2

公开(公告)日：2017-05-02

申请号：US14590479

申请日：2015-01-06

Applicant: Google Inc.

Inventor： Sarvar Patel ,  Marcel M. M. Yung

IPC: H04L9/00

CPC classification number: H04L9/008 ,  H04L9/0618 ,  H04L9/14

Abstract: Systems and methods for a multiple value packing scheme for homomorphic encryption are described, including at a server, generating a plurality of encrypted payloads, each having a plurality of data values; and at a client, receiving each of the encrypted payloads having the plurality of data values; and multiplying one or more of the data values of one of the encrypted payloads by one or more other data values in one or more of the other encrypted payloads, to generate a product that represents the summation of data values corresponding to the multiplied one or more data values of the encrypted payloads and the one or more of the other data values in the one or more other encrypted payloads.

公开(公告)号：US09264221B2

公开(公告)日：2016-02-16

申请号：US14170436

申请日：2014-01-31

Applicant: GOOGLE INC.

Inventor： Marcel M. M. Yung ,  Sarvar Patel

IPC: H04L9/30 ,  H04L9/06

CPC classification number: H04L9/0618 ,  H04L9/30 ,  H04L9/302 ,  H04L2209/125

Abstract: Systems and methods for faster public key encryption using the associated private key portion are described, including encrypting a plaintext into a ciphertext, where the encrypting uses a public key and a corresponding private key; and storing the ciphertext.

Abstract translation: 描述使用关联的私钥部分进行更快的公开密钥加密的系统和方法，包括将明文加密成密文，其中加密使用公钥和相应的私钥; 并存储密文。

公开(公告)号：US09148283B1

公开(公告)日：2015-09-29

申请号：US14067162

申请日：2013-10-30

Applicant: Google Inc.

Inventor： Umesh Shankar ,  Andrei Kulik ,  Bodo Moller ,  Sarvar Patel ,  Brian N. Bershad ,  David Erb

IPC: H04L9/32 ,  H04L9/08

CPC classification number: H04L9/321 ,  H04L9/0819 ,  H04L63/0428 ,  H04L63/101 ,  H04L63/104 ,  H04L67/1097 ,  H04L2463/062

Abstract: An encrypted resource is stored in association with an access control list. A request to retrieve the resource is received. The wrapped key and the authentication credentials are sent, from the application server system, to a key server system. An unencrypted version of the resource encryption key is received from the key server system if the key server system determines that the authentication credentials correspond to a user in the group of users identified by the group identifier. The stored encrypted resource is decrypted using the received unencrypted version of the resource encryption key to generate an unencrypted version of the resource. The unencrypted version of the resource is sent, from the application server system, to the client application.

Abstract translation: 与访问控制列表相关联地存储加密资源。 接收到检索资源的请求。 包裹的密钥和认证凭证从应用服务器系统发送到密钥服务器系统。 如果密钥服务器系统确定认证凭证对应于由组标识符标识的用户组中的用户，则从密钥服务器系统接收到资源加密密钥的未加密版本。 存储的加密资源使用所接收的未加密版本的资源加密密钥进行解密，以生成资源的未加密版本。 将资源的未加密版本从应用服务器系统发送到客户端应用程序。

公开(公告)号：US20160359617A1

公开(公告)日：2016-12-08

申请号：US14590479

申请日：2015-01-06

Applicant: Google Inc.

Inventor： Sarvar Patel ,  Marcel M.M. Yung

IPC: H04L9/00

CPC classification number: H04L9/008 ,  H04L9/0618 ,  H04L9/14

Abstract: Systems and methods for a multiple value packing scheme for homomorphic encryption are described, including at a server, generating a plurality of encrypted payloads, each having a plurality of data values; and at a client, receiving each of the encrypted payloads having the plurality of data values; and multiplying one or more of the data values of one of the encrypted payloads by one or more other data values in one or more of the other encrypted payloads, to generate a product that represents the summation of data values corresponding to the multiplied one or more data values of the encrypted payloads and the one or more of the other data values in the one or more other encrypted payloads.

Abstract translation: 描述了用于同态加密的多值打包方案的系统和方法，包括在服务器处产生多个加密的有效载荷，每个具有多个数据值; 并且在客户端处接收具有所述多个数据值的每个加密有效载荷; 以及将一个或多个加密有效载荷的数据值乘以一个或多个其它加密有效载荷中的一个或多个其他数据值，以产生表示对应于所乘的一个或多个的数据值的和的乘积 加密的有效载荷的数据值和一个或多个其它加密的有效载荷中的一个或多个其他数据值。

公开(公告)号：US09118631B1

公开(公告)日：2015-08-25

申请号：US13969340

申请日：2013-08-16

Applicant: GOOGLE INC.

Inventor： Marcel M. M. Yung ,  Sarvar Patel ,  Binyamin Pinkas

IPC: H04L29/06 ,  H04L9/00 ,  G06F21/42 ,  G06F21/62

CPC classification number: H04L63/0428 ,  G06F21/6227 ,  G06F21/6245 ,  G06F21/74 ,  H04L9/008 ,  H04L9/3247 ,  H04L63/0442

Abstract: Processing a query, includes, at a client, receiving a user-generated query having a plurality of recognizable terms, securing the user-generated query to generate an encrypted query, so that the plurality of recognizable terms generated by the user-generated query cannot be determined by a server, transmitting the encrypted query to the server, to perform the query on encrypted data comprising a mix of regular data and secure data previously provided by the client, wherein at least one of selection criteria of the query and identifies of selected records of the query result cannot be determined by the server, and interpreting a result of the query provided by the server, and providing an output of the query to the user having the plurality of recognizable terms.

Abstract translation: 处理查询，包括在客户端接收具有多个可识别术语的用户生成的查询，保护用户生成的查询以生成加密查询，使得由用户生成的查询生成的多个可识别术语不能 由服务器确定，将加密的查询发送到服务器，以对包括常规数据和先前由客户端提供的安全数据的混合的加密数据执行查询，其中查询的选择标准中的至少一个和所选择的 查询结果的记录不能由服务器确定，并且解释由服务器提供的查询的结果，并且向具有多个可识别术语的用户提供查询的输出。

公开(公告)号：US08966283B1

公开(公告)日：2015-02-24

申请号：US13768207

申请日：2013-02-15

Applicant: Google Inc.

Inventor： Umesh Shankar ,  Ruoming Pang ,  Benjamin Valerian Pflanz ,  Sarvar Patel ,  Darrell Kindred ,  Daniel Rebolledo Samper

IPC: G06F7/22 ,  G06F12/14 ,  G06F12/06

CPC classification number: G06F21/78 ,  G06F21/602 ,  G06F2221/2107

Abstract: This document describes methods and systems by which a data storage service migrates a volume of stored data from an unencrypted format to an encrypted format while still permitting user access to the data. The encryption process uses migration markers to identify records that have undergone the encryption process. When migration is complete, the service removes the migration markers and retains the encrypted data in a data storage facility.

Abstract translation: 本文档描述了数据存储服务将一系列存储数据从未加密格式迁移到加密格式的方法和系统，同时仍允许用户访问数据。 加密过程使用迁移标记来识别经过加密过程的记录。 迁移完成后，服务将删除迁移标记，并将加密数据保留在数据存储设备中。

公开(公告)号：US10558817B2

公开(公告)日：2020-02-11

申请号：US15419726

申请日：2017-01-30

Applicant: Google Inc.

Inventor： Vinay Goel ,  Philip Mcdonnell ,  Sachin Kulkarni ,  Anshul Gupta ,  Shobhit Saxena ,  Patrick McDonald ,  Thai Duong ,  Mihaela Ion ,  Benjamin Kreuter ,  Sarvar Patel ,  Karn Seth

IPC: H04L29/06 ,  G06F21/62 ,  G06F16/22 ,  H04L9/06

Abstract: A method for linking user identifiers. The method includes receiving, by a linking server and from a company server, a first data structure comprising entries. Each entry comprising a user tag, a first hashed user information, and a second hashed user information. The method includes receiving, by a linking server and from a partner server, a second data structure comprising entries. Each entry comprising a bridge tag, a first hashed bridge information, and a second hashed bridge information. The method includes retrieving, by the linking server and from the first data structure, a first entry of the entries and retrieving, by the linking server and from the second data structure, a first entry of the entries. The method includes linking the user tag of the first entry of the first data structure to the bridge tag of the first entry of the second data structure to generate a first linkage.

公开(公告)号：US20170149558A1

公开(公告)日：2017-05-25

申请号：US15381449

申请日：2016-12-16

Applicant: GOOGLE INC.

Inventor： Sarvar Patel ,  Marcel M.M. Yung

IPC: H04L9/00 ,  H04L9/06 ,  H04L9/14

CPC classification number: H04L9/008 ,  H04L9/0618 ,  H04L9/14

Abstract: Systems and methods for a multiple value packing scheme for homomorphic encryption are described, including at a server, generating a plurality of encrypted payloads, each having a plurality of data values; and at a client, receiving each of the encrypted payloads having the plurality of data values; and multiplying one or more of the data values of one of the encrypted payloads by one or more other data values in one or more of the other encrypted payloads, to generate a product that represents the summation of data values corresponding to the multiplied one or more data values of the encrypted payloads and the one or more of the other data values in the one or more other encrypted payloads.

公开(公告)号：US09094378B1

公开(公告)日：2015-07-28

申请号：US13969366

申请日：2013-08-16

Applicant: GOOGLE INC.

Inventor： Marcel M. M. Yung ,  Sarvar Patel ,  Binyamin Pinkas

IPC: H04L29/06 ,  G06F12/14

CPC classification number: G06F12/1408 ,  G06F21/6227 ,  H04L9/008 ,  H04L9/3073

Abstract: Homomorphic cryptography on numerical values in digital computing is described, including converting a numerical value encoded in a bit string of a first size to another bit string of a second size, which is different from the first size; encrypting the numerical value in the another bit string to produce a ciphertext; and storing the ciphertext.

Abstract translation: 描述了数字计算中的数值的同态密码学，包括将第一大小的比特串中编码的数值转换成与第一大小不同的第二大小的另一比特串; 加密另一位串中的数值以产生密文; 并存储密文。