Patent classifications
H04L2209/42
Key attestation statement generation providing device anonymity
A computing device sends a request for an attestation certificate to an attestation service along with information regarding the hardware and/or software of the device. The attestation service processes the request and verifies the information received from the device. After verifying the information, the attestation service selects a public/private key pair from a collection of reusable public/private key pairs and generates an attestation certificate for the device and public key of the public/private key pair. This attestation certificate is digitally signed by the attestation service and returned to the device. The private key of the selected public/private key pair is also encrypted to a trusted secure component of the device, ensuring that the key cannot be stolen by malware and re-used on another device, and is returned to the device. The device uses this attestation certificate to access relying parties, and optionally generates additional public/private key pairs and attestation certificates.
User control of anonymized profiling data using public and private blockchains in an electronic ad marketplace
The disclosure relates to securing and enabling user control of profiling data, blockchain-driven matching of users and advertiser-identified anonymous profiling data records of interest, and smart contracts encoded by blockchain for executing transactions. The system may include an anonymized database of profiling data, which is unlinked to any user. The system may implement a private blockchain to store user-defined settings that provide user control over whether and how the profiling data may be used. If a grant to use the data is received, a link is stored that allows the system to identify a user associated with the anonymous profiling data records. If the grant is revoked, the link may be removed. The system may also implement public blockchain technology to record public information relating to grants and online marketing transactions, making them verifiable, immutable, and transparent for various stakeholders including advertisers, publishers, and users.
Protecting client personal data from customer service agents
Techniques for providing a real-time service that protects personal data of clients from customer service agents are provided. Customer data that includes personal data indicative of sensitive information of a customer can be received from the customer. The personal data within the received customer data can be detected and a token that does not include the sensitive information of the customer can be generated. The personal data and the generated token can be stored along with data indicating a relationship between the token and the personal data. The personal data in the received customer data can be replaced by the token to form modified customer data. The modified customer data can be provided to a customer service representative. The token within the modified customer data can later be detected and associated with the personal data without revealing the personal data to the customer service representative.
DECENTRALIZED PRIVACY-PRESERVING REWARDS WITH CRYPTOGRAPHIC BLACK BOX ACCUMULATORS
A decentralized and trust-minimizing computer architecture for computing rewards for users of an advertising system includes cryptographic black box accumulators (BBAs), which are cryptographic counters that only the issuer can update. An attention application requests initialization of a BBA from a guardian and subsequently requests updates to the BBA to track interactions between a user of the attention application and ads on the attention application. The guardian signs updates to the BBA to reach agreement on the state of ad interactions. The attention application may randomize the BBA and submit requests via an anonymous channel such that no participant can link two encounters with the BBA to each other or link the BBA to a specific attention application, thus improving user privacy. Reward redemption requests can be made based on a known policy and committed to a public blockchain for verification by observers that the protocol is operating correctly.
BLOCKCHAIN-BASED VOTING SYSTEM
A control system for conducting an election may include a voter client configured to be used by a voter to cast a vote for a candidate, a registrar server, and a moderator server. The moderator server may be configured to obscure the identity of the voter. The registrar server may be configured to randomly assign a ballot to the obscured voter. The registrar server may be configured to encrypt the ballot. The moderator server may be configured to transmit the encrypted ballot to the voter client. The voter client may be configured to decrypt the encrypted ballot to recover the ballot. The voter client, in response to the voter selecting a desired candidate, may be configured to generate a ballot associated with a vote. The voter client may be configured to encrypt the ballot using a public key of the registrar server and a public key of the moderator server.
Classification of messages using learned rules
The subject technology receives, in an application on an electronic device, a message, the message being associated with a user and including information in a header portion of the message. The subject technology determines, on the electronic device, a current state of messaging activity of the user based at least in part on a log of previous events associated with the user, where the log of previous events includes information that has been hashed using a cryptographic hash function. The subject technology determines, on the electronic device using a set of rules provided by a machine learning model, that the user is likely to view the message based on the current state of the messaging activity of the user. The subject technology sets, on the electronic device, an indication that the message is important based on the determining.
Decentralized group signature scheme for credential systems with issuer anonymization
A decentralized group signature method for an issuer-anonymized credential system includes (a) an initial system setup operation of defining elements of a group signature method and information that is generated and shared by each group member, (b) an initial group member setup operation, (c) a group member participation operation of adding a new group member to a group, (d) a group signature operation of putting a group signature on a specific message, (e) an operation of verifying the group signature, (f) an operation of removing anonymity from a group signature for a specific group member with agreement of group members, and (g) an operation of revoking a specific group member with agreement of the group members. Exclusive authority of a group manager is distributed to the group members.
Methods and systems for implementing mixed protocol certificates
A system for implementing mixed protocol certificates includes a subject device designed and configured to receive, from an issuing device, a first digital certificate, wherein the first digital certificate further comprises a first digital signature public and private key pair according to a first digital signature protocol and a second digital signature public key according to a second digital signature protocol, wherein the second digital signature protocol is distinct from the first digital signature protocol; to generate a second digital certificate, wherein generating the second digital certificate comprises generating a subject digital signature signing the certificate, the subject digital signature generated as a function of the second digital signature protocol; and to provide the first digital certificate and the second digital certificate to a verifying device.
Generating sequences of network data while preventing acquisition or manipulation of time data
Methods, systems, and apparatus, including a method for determining network measurements. In some aspects, a method includes receiving, by a first aggregation server and from each of multiple client devices, encrypted impression data. A second aggregation server receives, from each of at least a portion of the multiple client devices, encrypted conversion data. The first aggregation server and the second aggregation server perform a multi-party computation process to generate chronological sequences of encrypted impression data and encrypted conversion data and to decrypt the encrypted impression data and the encrypted conversion data.
System and method for secure linking of anonymized data
There is provided a computer-implemented method for secure linking of anonymized data among computer domains, comprising: at each computer domain at which a data set including a number of data records is stored: identifying a sensitive data element within a data record; applying a cryptographic hash function to the sensitive data element so as to yield a token; replacing the sensitive data element with the token within the data record to yield an anonymized data record of the data set; and transferring to a server computer the anonymized data record of the data set; and at the server computer: iteratively transforming the tokens of the anonymized data records of each data set to yield a compounded token for each token; and linking the anonymized data records if their compounded tokens match.