One Article Review
| Source |  GoogleSec |
|---|---|
| Identifiant | 4593801 |
| Date de publication | 2021-10-28 13:00:00 (vue: 2022-05-13 21:47:30) |
| Titre | Protecting your device information with Private Set Membership |
| Texte | Posted by Kevin Yeo and Sarvar Patel, Private Computing Team At Google, keeping you safe online is our top priority, so we continuously build the most advanced privacy-preserving technologies into our products. Over the past few years, we've utilized innovations in cryptographic research to keep your personal information private by design and secure by default. As part of this, we launched Password Checkup, which protects account credentials by notifying you if an entered username and password are known to have been compromised in a prior data breach. Using cryptographic techniques, Password Checkup can do this without revealing your credentials to anyone, including Google. Today, Password Checkup protects users across many platforms including Android, Chrome and Google Password Manager.Another example is Private Join and Compute, an open source protocol which enables organizations to work together and draw insights from confidential data sets. Two parties are able to encrypt their data sets, join them, and compute statistics over the joint data. By leveraging secure multi-party computation, Private Join and Compute is designed to ensure that the plaintext data sets are concealed from all parties.In this post, we introduce the next iteration of our research, Private Set Membership, as well as its open-source availability. At a high level, Private Set Membership considers the scenario in which Google holds a database of items, and user devices need to contact Google to check whether a specific item is found in the database. As an example, users may want to check membership of a computer program on a block list consisting of known malicious software before executing the program. Often, the set's contents and the queried items are sensitive, so we designed Private Set Membership to perform this task while preserving the privacy of our users. Protecting your device information during enrollmentBeginning in Chrome 94, Private Set Membership will enable Chrome OS devices to complete the enrollment process in a privacy-preserving manner. Device enrollment is an integral part of the out-of-box experience that welcomes you when getting started with a Chrome OS device. The device enrollment process requires checking membership of device information in encrypted Google databases, including checking if a device is enterprise enrolled or determining if a device was pre-packaged with a license. The correct end state of your Chrome OS device is determined using the results of these membership checks.During the enrollment process, we protect your Chrome OS devices by ensuring no information ever leaves the device that may be decrypted by anyone else when using Private Set Membership. Google will never learn any device information and devices will not learn any unnecessary information about other devices. To our knowledge, this is the first instance of advanced cryptographic tools being leveraged to protect device information during the enrollment process.A deeper look at Private Set MembershipPrivate Set Membership is built upon two cryptographic tools:Homomorphic encryption is a powerful cryptographic tool that enables computation over encrypted data without the need f |
| Notes | |
| Envoyé | Oui |
| Condensat | aaron able aboelkher about access account acknowledgementsthe across action advanced advancing algorithm algorithms ali all allow also amjad amr android another any anyone applications arbitrary are array arrouye art asra availability been before beginning behind being below:for between block bock box branches branching breach build built can cases check checking checks checkup chen chrome code collaboration common complete compromised computation compute computer computing concealed concept conditional confidential considers consisting contact contents continue continuously control correct credentials cryptographic current data database databases dawon decrypt decrypted decryption deeper default dennis design designed desired determine determined determining device devices draw during each else enable enables encrypt encrypted encryption encryptions end engineers enrolled enrollment enrollmentbeginning ensure ensuring entered enterprise ever everyone example example:checking excited executing execution experience exploring first flows following former found from fundamental general getting ghous given google group hash hashing have help hidden high holds homomorphic how including including: information innovations input insights instance integral introduce item items iteration its ivanov jason join joint jointly joon just kalinichenko karn keep keeping kevin key khazanie knowledge known large launched lawrence learn learning leaves leaving lee lepoint level leveraged leveraging library license list lists look lui maksim malicious manager manner many mariana marko may membership membershipprivate more most multi nagel need needing never next nirdhar not nothing notifying number oblivious obtain obtained:no often online only open organizations other others out over packaged part parties party password past patel pavol perform performing personal plaintext platforms possible post posted potential powerful pre preserve preserves preserving prevent prior priority privacy private problem problemsprivate proceed process products program programs properties propertiesby protect protecting protects protocol queried query querying raykova receiver remains represent require requires research result results revealing roland safe same sarvar scenario science scientists secure segal sender sensitive seo set seth sets setting software solve solves source specific started state statistics step sum take tancrède task team at technique techniques technologies technology them these thiemo time today together tool tools tools:homomorphic top two unencrypted unnecessary upon use used user username users using utilized utilizes utilizing values want ways welcomes well what when where whether which wide will without wong work years yeo young your yves to |
| Tags | Tool |
| Stories | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.