-
Publication No.: US20230214684A1
Publication date: 2023-07-06
Application No.: US17927923
Application date: 2021-09-29
Applicant: Google LLC
Inventor: Gang Wang, Marcel M. Moti Yung
IPC: G06N5/04, G06F21/60, G06F18/2413
CPC classification number: G06N5/04, G06F21/602, G06F18/24147
Abstract: This disclosure relates to a privacy preserving machine learning platform. In one aspect, a method includes receiving, by a first computing system of multiple multi-party computation (MPC) systems, an inference request that includes a first share of a given user profile. A number k of nearest neighbor user profiles that are considered most similar to the given user profile are identified. The first computing system identifies a first set of nearest neighbor profiles based on the first share of the given user profile and a k-nearest neighbor model. The first computing system receives, from each of one or more second computing systems of the multiple MPC systems, data indicating a respective second set of nearest neighbor profiles identified by the second computing system based on a respective second share of the given user profile and a respective second k-nearest neighbor model trained by the second computing system.
-
Publication No.: US20230171091A1
Publication date: 2023-06-01
Application No.: US17919566
Application date: 2022-03-07
Applicant: GOOGLE LLC
Inventor: Gang Wang, Marcel M. Moti Yung
IPC: H04L9/08
CPC classification number: H04L9/085, H04L2209/466
Abstract: This document relates to using secure MPC to select digital components in ways that preserve user privacy and protect the security of data of each party that is involved in the selection process. In one aspect, a method includes receiving, by a first server of a secure MPC system from a client device, a digital component request. The first server identifies, for each digital component in a set, a selection value and a priority tier. For each tier, the first server determines, using a secure MPC process in collaboration with one or more second servers of the secure MPC system, a first secret share of a winner parameter for each digital component in the priority tier. The first server identifies a highest tier for which a given digital component has a winner parameter that indicates that the given digital component is a winning digital component.
-
Publication No.: US20230144140A1
Publication date: 2023-05-11
Application No.: US17918598
Application date: 2021-04-21
Applicant: Google LLC
Inventor: Marcel M. Moti Yung, Gang Wang
CPC classification number: G06F21/6254, H04L9/0825, H04L2209/46
Abstract: This disclosure relates to protecting the confidential information of multiple entities using secure multi-party computation (MPC) and k-anonymity techniques. In some aspects, a method includes receiving, by a first MPC computing system from a client device, a content request including encrypted user group identifiers. Each encrypted user group identifier is encrypted using a first encryption key of a second MPC computing system. For each encrypted user group identifier, a request is transmitted to the second MPC computing system. The request includes the encrypted user group identifier. For each user group identifier that satisfies a k-anonymity, the first MPC computing system receives, from the second MPC computing system, a plaintext value of the user group identifier. The first MPC computing system transmits a selection parameter request to one or more platforms. The selection parameter request includes the plaintext value of the user group identifier.
-
Publication No.: US20230052628A1
Publication date: 2023-02-16
Application No.: US17794040
Application date: 2021-04-20
Applicant: Google LLC
Inventor: Gang Wang, Andres Munoz Medina, Marcel M. Moti Yung, Yijian Bai, Ardian Poernomo, Jingjing Wang
IPC: G06F21/62
Abstract: This disclosure relates to using additive and subtractive noise for preserving the privacy of users. In one aspect, a method includes obtaining a first set of genuine user group identifiers that identify user groups that include a user as a member. A second set of user group identifiers is generated for the user by removing zero or more genuine user group identifiers from the first set to generate the second set and adding, to the second set, one or more fake user group identifiers for user groups that do not include the user as a member. A probabilistic data structure is generated based on the second set of user group identifiers. The probabilistic data structure is transmitted to a recipient computing system. Data indicating a set of digital components including at least one digital component selected based on the probabilistic data structure is received. A given digital component is presented.
-
Publication No.: US20220329430A1
Publication date: 2022-10-13
Application No.: US17845637
Application date: 2022-06-21
Applicant: Google LLC
Inventor: Gang Wang, Marcel M. Moti Yung
Abstract: The present disclosure provides systems and methods for authenticated control of content delivery. The method includes receiving a request for an item of content from a computing device, the request comprising a security token associated with the computing device and an identifier of a group of domains, identifying the group of domains from the identifier, and retrieving a security key associated with the group of domains. The method further includes decrypting a signature of the security token, identifying an authentication string, determining that the authentication string matches a server authentication string, and identifying characteristics of the security token. The characteristics of the security token include a confidence score. The method further includes comparing the confidence score of the security token to a threshold, determining that the confidence score does not exceed the threshold, and preventing transmission of content to the computing device.
-
Publication No.: US20220294643A1
Publication date: 2022-09-15
Application No.: US17633417
Application date: 2021-03-16
Applicant: Google LLC
Inventor: Gang Wang, Marcel M. Moti Yung
Abstract: Methods, systems, and computer media provide attestation tokens that protect the integrity of communications transmitted from client devices, while at the same time avoiding the use of stable device identifiers that could be used to track client devices or their users. In one approach, client devices can receive anonymous certificates from a device integrity computing system signifying membership in a selected device trustworthiness group, and attestation tokens can be signed anonymously with the anonymous certificates using a group signature scheme. Client devices can include throttlers imposing limits on the quantity of attestation tokens created by the client device.
-
Publication No.: US20220004654A1
Publication date: 2022-01-06
Application No.: US16486281
Application date: 2019-04-19
Applicant: Google LLC
Inventor: Sarvar Patel, Marcel M. Moti Yung, Karn Seth, Benjamin Kreuter
Abstract: Systems, methods, devices, and other techniques for preserving privacy when comparing private datasets from first and second computing systems. The second computing system identifies a first set of identifiers corresponding to records in a private database of the second computing system. The second computing system receives blinded versions of a set of identifiers corresponding to records in a private database of the first computing system. The second computing system determines an intersection or characteristic thereof of the records in the private database of the first computing system and the records in the private database of the second computing system based on matches between the blinded versions of the first and second sets of identifiers.
-
Publication No.: US12284164B2
Publication date: 2025-04-22
Application No.: US18656044
Application date: 2024-05-06
Applicant: Google LLC
Inventor: Gang Wang, Marcel M. Moti Yung
Abstract: Methods, systems, and apparatus, including a method for preventing fraud. In some aspects, a method includes: receiving, from multiple client devices, a measurement data element that includes a respective group member key and a group identifier for a given conversion as a result of displaying a digital component. Each client device uses a threshold encryption scheme to generate, based at least on network data that includes one or more of impression data or conversion data for the conversion, a group key that defines a secret for encrypting the network data and generate, based on data related to the application, the respective group member key that includes a respective share of the secret. In response to determining that at least the threshold number of measurement data elements having the same group identifier have been received, the network data is decrypted using the group member keys in the received measurement data elements.
-
Publication No.: US20250080349A1
Publication date: 2025-03-06
Application No.: US18285704
Application date: 2023-04-25
Applicant: Google LLC
Inventor: Gang Wang, Marcel M. Moti Yung, Sheldon I. Walfish
Abstract: Disclosed herein are systems, methods, and computer-readable media for enabling more secure multi-party computations (MPCs) using a trusted execution environment (TEE). In one aspect, a method includes executing, by a first MPC computer, a secure MPC protocol in a first TEE of the first MPC computer. The first MPC computer generates a request to a second MPC computer executing the secure MPC protocol in a second TEE of the second MPC computer. The first TEE determines that one or more attestation conditions are met by the first MPC computer executing the secure MPC protocol in the first TEE. In response to determining that the one or more attestation conditions are met, the first TEE generates an attestation token including one or more digital signatures for the secure MPC protocol executing in the first TEE. The first MPC computer sends the attestation token with the request to the second MPC computer.
-
Publication No.: US12244716B2
Publication date: 2025-03-04
Application No.: US18341689
Application date: 2023-06-26
Applicant: Google LLC
Inventor: Gang Wang, Marcel M. Moti Yung
IPC: H04L9/32, G06F16/951
Abstract: The present disclosure provides systems and methods for secure identification retrieval. The method includes retrieving a value of a periodic variable and calculating a plurality of query tokens from a corresponding plurality of client device identifiers and the value of the periodic variable. Each query token is associated with a corresponding client device identifier in a first database. The method further includes receiving a first query token calculated from a client device identifier of the first client device and the value of the periodic variable and identifying a second query token of the calculated plurality of query tokens in the first database matching the first query token. The method further includes, responsive to the identification, retrieving the associated client device identifier and retrieving one or more characteristics of the first client device according to the associated client device identifier. The method further includes transmitting the retrieved one or more characteristics.