US-12627477-B2 - Cryptographically secure location-based content distribution
Abstract
Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for using cryptographic techniques to enhance data security and privacy and increase computational efficiency in selecting digital components are described. In one aspect, a method includes receiving, by an MPC computer of a group of MPC computers configured to perform computations of a secure MPC protocol to select digital components for distribution to client devices, a first secret share of location information indicating a location of a client device. The MPC computer generates, by performing the computations of the secure MPC protocol in collaboration with one or more second computers of the group of MPC computers, a first secret share of a selection result including data identifying a selected digital component that is selected from candidate digital components that are candidates based at least in part on the location of the client device.
Inventors
- Gang Wang
- Marcel M. Moti Yung
Assignees
- GOOGLE LLC
Dates
- Publication Date
- 20260512
- Application Date
- 20230622
- Priority Date
- 20220805
Claims (20)
- 1. A computer-implemented method, comprising: receiving, by a first multi-party computation (MPC) computer of a group of MPC computers configured to perform computations of a secure MPC protocol to select digital components for distribution to client devices, a first secret share of location information indicating a location of a client device; generating, by the first MPC computer performing the computations of the secure MPC protocol in collaboration with one or more second MPC computers of the group of MPC computers, a first secret share of a selection result comprising data identifying a selected digital component that is selected from candidate digital components that are candidates for display at the client device based at least in part on the location of the client device; and sending, to the client device, the first secret share of the selection result.
- 2. The computer-implemented method of claim 1, wherein generating the first secret share of the selection result comprises generating, for each digital component in a set of digital components, a first secret share of a candidate parameter that indicates whether the digital component is a candidate for display at the client device based on the location of the client device.
- 3. The computer-implemented method of claim 1, wherein generating the first secret share of the selection result comprises: generating a garbled circuit based on (i) the location of the client device, (ii) a table of geographic location identifiers and, for each geographic location identifier, one or more geographical areas corresponding to the geographic location identifier, and (iii) for each of a plurality of digital components, data indicating a candidate expression that defines at least one or more geographic category identifiers for which the digital component is a candidate for selection; and evaluating the garbled circuit to identify the candidate digital components.
- 4. The computer-implemented method of claim 3, wherein the candidate expression for at least one digital component further defines one or more user groups for which the at least one digital component is a candidate for selection.
- 5. The computer-implemented method of claim 3, wherein generating the first secret share of the selection result comprises identifying the candidate digital components based on geographic category identifiers corresponding to each digital component, wherein each geographic category identifier corresponds to one or more related geographical areas.
- 6. The computer-implemented method of claim 5, wherein identifying the candidate digital components based on geographic category identifiers corresponding to each digital component comprises determining, for each digital component, whether the location information matches a geographical area of a geographic category identifier corresponding to the digital component.
- 7. The computer-implemented method of claim 1, wherein receiving the first secret share of the location information indicating a location of the client device comprises: receiving an attestation token comprising, as payload data, the first secret share of the location information and a device integrity element comprising a verdict of trustworthiness of the client device; and verifying integrity of the attestation token.
- 8. The computer-implemented method of claim 7, wherein: the attestation token comprises a digital signature generated using the payload data and a private key of the client device; and verifying the integrity of the attestation token comprises determining that the digital signature is valid using the payload data and a public key corresponding to the private key.
- 9. The computer-implemented method of claim 1, wherein the first MPC computer and each of the one or more second MPC computers generate the first secret share of the selection result and a respective secret share of the selection result held by each second MPC computer based on the first secret share of the location match result and a respective second secret share of the location match result held by each second MPC computer.
- 10. The computer-implemented method of claim 1, wherein the location of the client device is a current location of the client device.
- 11. The computer-implemented method of claim 1, wherein the location information indicates one or more previous locations of the client device.
- 12. A system comprising: one or more processors; and one or more storage devices storing instructions that, when executed by the one or more processors, cause the one or more processors to perform operations comprising: receiving, by a first multi-party computation (MPC) computer of a group of MPC computers configured to perform computations of a secure MPC protocol to select digital components for distribution to client devices, a first secret share of location information indicating a location of a client device; generating, by the first MPC computer performing the computations of the secure MPC protocol in collaboration with one or more second MPC computers of the group of MPC computers, a first secret share of a selection result comprising data identifying a selected digital component that is selected from candidate digital components that are candidates for display at the client device based at least in part on the location of the client device; and sending, to the client device, the first secret share of the selection result.
- 13. The system of claim 12, wherein generating the first secret share of the selection result comprises generating, for each digital component in a set of digital components, a first secret share of a candidate parameter that indicates whether the digital component is a candidate for display at the client device based on the location of the client device.
- 14. The system of claim 12, wherein generating the first secret share of the selection result comprises: generating a garbled circuit based on (i) the location of the client device, (ii) a table of geographic location identifiers and, for each geographic location identifier, one or more geographical areas corresponding to the geographic location identifier, and (iii) for each of a plurality of digital components, data indicating a candidate expression that defines at least one or more geographic category identifiers for which the digital component is a candidate for selection; and evaluating the garbled circuit to identify the candidate digital components.
- 15. The system of claim 14, wherein the candidate expression for at least one digital component further defines one or more user groups for which the at least one digital component is a candidate for selection.
- 16. The system of claim 12, wherein generating the first secret share of the selection result comprises identifying the candidate digital components based on geographic category identifiers corresponding to each digital component, wherein each geographic category identifier corresponds to one or more related geographical areas.
- 17. The system of claim 16, wherein identifying the candidate digital components based on geographic category identifiers corresponding to each digital component comprises determining, for each digital component, whether the location information matches a geographical area of a geographic category identifier corresponding to the digital component.
- 18. The system of claim 12, wherein receiving the first secret share of the location information indicating a location of the client device comprises: receiving an attestation token comprising, as payload data, the first secret share of the location information and a device integrity element comprising a verdict of trustworthiness of the client device; and verifying integrity of the attestation token.
- 19. The system of claim 18, wherein: the attestation token comprises a digital signature generated using the payload data and a private key of the client device; and verifying the integrity of the attestation token comprises determining that the digital signature is valid using the payload data and a public key corresponding to the private key.
- 20. A non-transitory computer readable storage medium carrying instructions that, when executed by one or more processors, cause the one or more processors to perform operations comprising: receiving, by a first multi-party computation (MPC) computer of a group of MPC computers configured to perform computations of a secure MPC protocol to select digital components for distribution to client devices, a first secret share of location information indicating a location of a client device; generating, by the first MPC computer performing the computations of the secure MPC protocol in collaboration with one or more second MPC computers of the group of MPC computers, a first secret share of a selection result comprising data identifying a selected digital component that is selected from candidate digital components that are candidates for display at the client device based at least in part on the location of the client device; and sending, to the client device, the first secret share of the selection result.
Description
CROSS-REFERENCE TO RELATED APPLICATIONS
This application is a National Stage Application under 35 U.S.C. § 371 and claims the benefit of International Application No. PCT/US2023/025932, filed Jun. 22, 2023, which claims the benefit of priority to Israeli Application Serial No. 295403, filed Aug. 5, 2022. The foregoing applications are incorporated herein by reference in their entireties and for all purposes.

TECHNICAL FIELD
This specification relates to cryptography, data processing, data security, and privacy.

BACKGROUND
Secure MPC is a family of cryptographic protocols that prevents access to data by distributing computations across multiple parties such that no individual party can access another party's data or intermediate computed values, while outputs are released only to designated parties. The MPC computing systems typically perform the computations using secret shares or other encrypted forms of the data and secure exchange of information between the parties.

SUMMARY
In general, one innovative aspect of the subject matter described in this specification can be embodied in methods that include the actions of receiving, by a first multi-party computation (MPC) computer of a group of MPC computers configured to perform computations of a secure MPC protocol to select digital components for distribution to client devices, a first secret share of location information indicating a location of a client device; generating, by the first MPC computer performing the computations of the secure MPC protocol in collaboration with one or more second computers of the group of MPC computers, a first secret share of a selection result including data identifying a selected digital component that is selected from candidate digital components that are candidates for display at the client device based at least in part on the location of the client device; and sending, to the client device, the first secret share of the selection result.
Other embodiments of this aspect include corresponding systems, apparatus, and computer programs, configured to perform the actions of the methods, encoded on computer storage devices. These and other implementations can each optionally include one or more of the following features.

In some aspects, generating the first secret share of the selection result includes generating, for each digital component in a set of digital components, a first secret share of a candidate parameter that indicates whether the digital component is a candidate for display at the client device based on the location of the client device.

In some aspects, generating the first secret share of the selection result includes generating a garbled circuit based on (i) the location of the client device, (ii) a table of geographic location identifiers and, for each geographic location identifier, one or more geographical areas corresponding to the geographic location identifier, and (iii) for each of a plurality of digital components, data indicating a candidate expression that defines at least one or more geographic category identifiers for which the digital component is a candidate for selection, and evaluating the garbled circuit to identify the candidate digital components. In some aspects, the candidate expression for at least one digital component further defines one or more user groups for which the at least one digital component is a candidate for selection.

In some aspects, generating the first secret share of the selection result includes identifying the candidate digital components based on geographic category identifiers corresponding to each digital component. Each geographic category identifier corresponds to one or more related geographical areas.
Identifying the candidate digital components based on geographic category identifiers corresponding to each digital component includes determining, for each digital component, whether the location information matches a geographical area of a geographic category identifier corresponding to the digital component.

In some aspects, receiving the first secret share of the location information indicating a location of the client device includes receiving an attestation token including, as payload data, the first secret share of the location information and a device integrity element comprising a verdict of trustworthiness of the client device, and verifying integrity of the attestation token. The attestation token can include a digital signature generated using the set of data and a private key of the client device. Verifying the integrity of the attestation token can include determining that the digital signature is valid using the set of data and a public key corresponding to the private key.

In some aspects, the first MPC computer and each of the one or more second MPC computers generate the first secret share of the selection result and a respective secret share of the selection result held by each second MPC computer based on
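The client-side steps that claims 7 and 8 and the summary above describe, as an added worked example that is not part of the patent and is not Google's code: the client splits its location into two additive secret shares (one per MPC computer), wraps each share together with a device integrity verdict into an attestation token, signs the token's payload with the device's private key, and each MPC computer verifies that signature with the corresponding public key before trusting either the share or the verdict. The uint32 location encoding, the additive sharing mod 2^32, the JSON payload field names, the verdict string "trusted", and Ed25519 as the signature scheme are all assumptions chosen for the example; the patent specifies none of them.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/binary"
	"encoding/json"
	"errors"
	"fmt"
)

// SplitLocation is an assumed encoding: the location is a uint32 (for example a
// grid-cell identifier) split into two additive shares mod 2^32. share1 is
// uniformly random, so each share alone reveals nothing about the location.
func SplitLocation(loc uint32) (share1, share2 uint32, err error) {
	var buf [4]byte
	if _, err = rand.Read(buf[:]); err != nil {
		return 0, 0, err
	}
	share1 = binary.BigEndian.Uint32(buf[:])
	share2 = loc - share1 // unsigned subtraction wraps, so share1 + share2 == loc mod 2^32
	return share1, share2, nil
}

// ReconstructLocation recombines both shares; only a party holding both can do this.
func ReconstructLocation(share1, share2 uint32) uint32 {
	return share1 + share2
}

// AttestationPayload is the signed part of the token: one secret share of the
// location plus the device integrity verdict (field names are assumptions).
type AttestationPayload struct {
	LocationShare    uint32 `json:"location_share"`
	IntegrityVerdict string `json:"integrity_verdict"`
}

// AttestationToken carries the serialized payload and an Ed25519 signature over
// exactly those payload bytes, made with the client device's private key.
type AttestationToken struct {
	Payload   []byte `json:"payload"`
	Signature []byte `json:"signature"`
}

// GenerateDeviceKeys creates the client device's signing key pair.
func GenerateDeviceKeys() (ed25519.PublicKey, ed25519.PrivateKey, error) {
	return ed25519.GenerateKey(rand.Reader)
}

// NewAttestationToken builds and signs the token sent to one MPC computer.
func NewAttestationToken(priv ed25519.PrivateKey, share uint32, verdict string) (AttestationToken, error) {
	payload, err := json.Marshal(AttestationPayload{LocationShare: share, IntegrityVerdict: verdict})
	if err != nil {
		return AttestationToken{}, err
	}
	return AttestationToken{Payload: payload, Signature: ed25519.Sign(priv, payload)}, nil
}

// VerifyAttestationToken is what an MPC computer runs on receipt: the signature
// is checked against the device public key before the payload is parsed, and the
// (assumed) verdict value "trusted" is required before the share is accepted.
func VerifyAttestationToken(pub ed25519.PublicKey, tok AttestationToken) (AttestationPayload, error) {
	var p AttestationPayload
	if !ed25519.Verify(pub, tok.Payload, tok.Signature) {
		return p, errors.New("attestation token: invalid signature")
	}
	if err := json.Unmarshal(tok.Payload, &p); err != nil {
		return p, fmt.Errorf("attestation token: malformed payload: %w", err)
	}
	if p.IntegrityVerdict != "trusted" {
		return p, errors.New("attestation token: device integrity verdict is not trusted")
	}
	return p, nil
}

func main() {
	pub, priv, err := GenerateDeviceKeys()
	if err != nil {
		panic(err)
	}
	const cell uint32 = 0x00C0FFEE // constructed grid-cell identifier
	s1, s2, err := SplitLocation(cell)
	if err != nil {
		panic(err)
	}
	tok1, _ := NewAttestationToken(priv, s1, "trusted") // token for MPC computer 1
	tok2, _ := NewAttestationToken(priv, s2, "trusted") // token for MPC computer 2
	p1, err1 := VerifyAttestationToken(pub, tok1)
	p2, err2 := VerifyAttestationToken(pub, tok2)
	fmt.Println("MPC1 accepts:", err1 == nil, "MPC2 accepts:", err2 == nil)
	fmt.Printf("recombined only by a party holding both shares: %#x\n",
		ReconstructLocation(p1.LocationShare, p2.LocationShare))

	// A payload that has been rewritten after signing (here: verdict changed from
	// "untrusted" to "trusted") no longer matches the signature and is rejected.
	bad, _ := NewAttestationToken(priv, s1, "untrusted")
	forged := bad
	forged.Payload = []byte(fmt.Sprintf(`{"location_share":%d,"integrity_verdict":"trusted"}`, s1))
	_, errForged := VerifyAttestationToken(pub, forged)
	fmt.Println("rewritten verdict rejected:", errForged != nil)
}
```

The verifier checks the signature before it parses the JSON, so a malformed or rewritten payload is never interpreted, and it rejects an authentic token whose verdict is not the accepted value; the share inside a token only reaches the MPC computation once both checks pass.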