公开(公告)号：US20250045448A1

公开(公告)日：2025-02-06

申请号：US18923613

申请日：2024-10-22

Applicant: Google LLC

Inventor： Kevin Yeo ,  Sarvar Patel ,  Giuseppe Persiano

IPC: G06F21/62 ,  H04L9/06 ,  H04L9/08 ,  H04L9/32 ,  H04L9/40

Abstract: A method for sharing read access to a document stored on memory hardware. The method includes receiving a shared read access command from a sharor sharing read access to a sharee for a document stored on memory hardware in communication with the data processing hardware, and receiving a shared read access request from the sharee. The shared read access command includes an encrypted value and a first cryptographic share value based on a write key, a read key, a document identifier, and a sharee identifier. The method also includes multiplying the first and second cryptographic share values to determine a cryptographic read access value. The cryptographic read access value authorizes read access to the sharee for the document. The method also includes storing a read access token for the sharee including the cryptographic read access value and the encrypted value in a user read set of the memory hardware.

公开(公告)号：US11727124B2

公开(公告)日：2023-08-15

申请号：US16623311

申请日：2018-01-12

Applicant: Google LLC

Inventor： Kevin Yeo ,  Sarvar Patel ,  Giuseppe Persiano

IPC: G06F21/60 ,  G06F16/2458 ,  G06F3/06 ,  G06F12/14 ,  G06F21/62

CPC classification number: G06F21/602 ,  G06F3/064 ,  G06F3/067 ,  G06F3/0623 ,  G06F12/1408 ,  G06F16/2471 ,  G06F21/6227 ,  G06F2212/1052 ,  G06F2221/2123

Abstract: A method executing an instruction (300) to execute a query (q) for a data block (102) and determining whether the data block is stored in a block stash (370). When the data block is stored in the block stash during a download phase, the method includes removing the data block from the block stash, sending a fake query (304) to a distributed system (140) to retrieve a random data block stored in memory (114) of a distributed system (140), and discarding the random data block. When a current version of the data block is stored in the block stash during an overwrite phase, the method includes sending a fake query to the distributed system to retrieve another random data block stored in the memory of the distributed system, decrypting and re-encrypting the random data block with fresh randomness, and re-uploading the re-encrypted random data block onto the distributed system.

公开(公告)号：US11645256B2

公开(公告)日：2023-05-09

申请号：US17457533

申请日：2021-12-03

Applicant: Google LLC

Inventor： Kevin Yeo ,  Ahmet Erhan Nergiz ,  Nicolas Lidzborski ,  Laetitia Estelle Baudoin ,  Sarvar Patel

IPC: H04L29/06 ,  G06F16/22 ,  G06F16/242 ,  G06F16/2455 ,  H04L9/06 ,  H04L9/08 ,  H04L9/00 ,  G06F21/60

CPC classification number: G06F16/2255 ,  G06F16/2246 ,  G06F16/242 ,  G06F16/2455 ,  G06F21/602 ,  H04L9/006 ,  H04L9/0656 ,  H04L9/0861

Abstract: A method for providing encrypted search includes receiving, at a user device associated with a user, a search query for a keyword that appears in one or more encrypted documents stored on an untrusted storage device and accessing a count table to obtain a count of documents that include the keyword. The method also includes generating a delegatable pseudorandom function (DPRF) based on the keyword, a private cryptographic key, and the count of documents. The method also includes evaluating a first portion of the DPRF and delegating a remaining second portion of the DPRF to the untrusted storage device which causes the untrusted storage device to evaluate the DPRF and access an encrypted search index associated with the documents. The untrusted storage device determines one or more encrypted documents associated with DPRF and returns, to the user device, an identifier for each encrypted document associated with the DPRF.

公开(公告)号：US20210184840A1

公开(公告)日：2021-06-17

申请号：US16712487

申请日：2019-12-12

Applicant: Google LLC

Inventor： Kevin Yeo ,  Sarvar Patel

IPC: H04L9/08 ,  H04L9/06 ,  G06F16/93 ,  G06F16/903 ,  G06F16/9032

Abstract: A method for searchable encryption with a public key includes receiving an operation request front a user device associated with a user requesting that encryption of data associated with the user. The data includes a corpus of documents stored on a remote storage device. The method also includes receiving a public key associated with the user. The public key includes an asymmetric cryptographic public key. The method also includes generating a random data key. The data key includes a symmetric cryptographic key. The method also includes encrypting, using the data key, a search index for the corpus of documents based on keywords within the corpus of documents. The method also includes encrypting, using the public key, the data key and sending the encrypted data key to a user device associated with the user.

公开(公告)号：US20210182408A1

公开(公告)日：2021-06-17

申请号：US16713872

申请日：2019-12-13

Applicant: Google LLC

Inventor： Kevin Yeo ,  Ahmet Erhan Nergiz ,  Laetitia Estelle Baudoin ,  Nicolas Lidzborski ,  Sarvar Patel

IPC: G06F21/60 ,  H04L29/06 ,  H04L9/00 ,  H04L9/06

Abstract: A method for providing an encrypted search system includes receiving a search query for a keyword that appears in one or more encrypted emails stored on an untrusted storage device and accessing, a count table to obtain a count of unique emails within the emails that include the keyword. The method also includes generating a delegatable pseudorandom function (DPRF) based on the keyword, a private cryptographic key, and the count of unique emails that include the keyword and delegating at least a portion of the DPRF to the untrusted storage device that causes the storage device to evaluate the delegated DPRF, access an encrypted search index associated with the emails, and determine one or more encrypted emails associated with the delegated DPRF based on the encrypted search index. The storage device also returns, to the user device, an identifier for each encrypted email associated with the delegated DPRF.

公开(公告)号：US12141315B2

公开(公告)日：2024-11-12

申请号：US18159674

申请日：2023-01-25

Applicant: Google LLC

Inventor： Kevin Yeo ,  Sarvar Patel ,  Giuseppe Persiano

IPC: H04L29/06 ,  G06F21/62 ,  H04L9/06 ,  H04L9/08 ,  H04L9/32 ,  H04L9/40

Abstract: A method for sharing read access to a document stored on memory hardware. The method includes receiving a shared read access command from a sharor sharing read access to a sharee for a document stored on memory hardware in communication with the data processing hardware, and receiving a shared read access request from the sharee. The shared read access command includes an encrypted value and a first cryptographic share value based on a write key, a read key, a document identifier, and a sharee identifier. The method also includes multiplying the first and second cryptographic share values to determine a cryptographic read access value. The cryptographic read access value authorizes read access to the sharee for the document. The method also includes storing a read access token for the sharee including the cryptographic read access value and the encrypted value in a user read set of the memory hardware.

公开(公告)号：US12050579B2

公开(公告)日：2024-07-30

申请号：US18149085

申请日：2022-12-31

Applicant: Google LLC

Inventor： Kevin Yeo ,  Sarvar Patel ,  Giuseppe Persiano ,  Mariana Raykova

IPC: G06F21/10 ,  G06F3/06 ,  G06F16/22 ,  G06F21/78 ,  H04L67/10

CPC classification number: G06F16/2255 ,  G06F3/0604 ,  G06F3/064 ,  G06F3/0644 ,  G06F3/0659 ,  G06F3/0673 ,  G06F21/10 ,  G06F21/78 ,  H04L67/10

Abstract: A method includes executing an instruction to execute a query for a data block, the data block associated with a corresponding memory level of a logarithmic number of memory levels (li) of memory, each memory level (li) including physical memory (RAMi) residing on memory hardware of a distributed system. The method also includes retrieving a value associated with the data block from an oblivious hash table using a corresponding key, and extracting un-queried key value pairs from the oblivious hash table associated with un-queried data blocks after executing a threshold number of queries for data blocks. The method also includes a multi-array shuffle routine on the extracted key value pairs from the oblivious hash table to generate an output array containing the un-queried key value pairs.

公开(公告)号：US20230274007A1

公开(公告)日：2023-08-31

申请号：US18312556

申请日：2023-05-04

Applicant: Google LLC

Inventor： Kevin Yeo ,  Sarvar Patel ,  Giuseppe Persiano

IPC: G06F21/60 ,  G06F21/62 ,  H04L9/08

CPC classification number: G06F21/602 ,  G06F21/6227 ,  H04L9/0894 ,  G06F2221/2107 ,  G06F2221/0751

Abstract: A method for providing response-hiding searchable encryption includes receiving a search query for a keyword from a user device associated with a user. The keyword appears in one or more encrypted documents within a corpus of encrypted documents stored on an untrusted storage device. The method also includes accessing a document oblivious key-value storage (OKVS) to obtain a list of document identifiers associated with the keyword. Each document identifier in the list of document identifiers associated with a respective keyword identifier is concatenated with the keyword and uniquely identifies a respective one of the one or more encrypted documents that the keyword appears in. The method also includes returning the list of document identifiers obtained from the document OKVS to the user device.

公开(公告)号：US20230185960A1

公开(公告)日：2023-06-15

申请号：US18167490

申请日：2023-02-10

Applicant: Google LLC

Inventor： Sarvar Patel ,  Kevin Yeo ,  Giuseppe Persiano

IPC: G06F21/62 ,  G06F17/16 ,  G06F21/60 ,  H04L9/00

CPC classification number: G06F21/6245 ,  G06F17/16 ,  G06F21/602 ,  H04L9/008

Abstract: A method includes initializing a client state on a client device be executing a private batched sum retrieval instruction to compute c sums O of data blocks from an untrusted storage device. Each computed sum O stored on memory hardware of the client device and including a sum of a corresponding subset S of exactly k data blocks. The method also includes a query instruction to retrieve a query block Bq stored on the untrusted storage device by iterating through each of the c sums O of data blocks to identify one of the c sums O that does not include the query block Bq, instructing a service to pseudorandomly partition the untrusted storage device into partitions and sum the data blocks in each partition to determine a corresponding encrypted data block sum.

公开(公告)号：US20230169201A1

公开(公告)日：2023-06-01

申请号：US18159674

申请日：2023-01-25

Applicant: Google LLC

Inventor： Kevin Yeo ,  Sarvar Patel ,  Gluseppe Persiano

IPC: G06F21/62 ,  H04L9/08 ,  H04L9/40 ,  H04L9/32 ,  H04L9/06

CPC classification number: G06F21/6227 ,  H04L9/085 ,  H04L63/10 ,  H04L63/062 ,  H04L63/0435 ,  H04L9/3234 ,  H04L9/0631 ,  H04L9/0866 ,  H04L9/0819 ,  H04L9/0894 ,  H04L63/08

Abstract: A method for sharing read access to a document stored on memory hardware. The method includes receiving a shared read access command from a sharor sharing read access to a sharee for a document stored on memory hardware in communication with the data processing hardware, and receiving a shared read access request from the sharee. The shared read access command includes an encrypted value and a first cryptographic share value based on a write key, a read key, a document identifier, and a sharee identifier. The method also includes multiplying the first and second cryptographic share values to determine a cryptographic read access value. The cryptographic read access value authorizes read access to the sharee for the document. The method also includes storing a read access token for the sharee including the cryptographic read access value and the encrypted value in a user read set of the memory hardware.