Google Wraps off Private Set Membership (PSM), a Cryptographic Protocol to Ensure Privacy

Private Set Membership (PSM), a cryptographic technique designed to secure anonymity during specified queries, was unveiled by Google last week.

The protocol allows clients to check whether a specific identifier is present in a list held by a server while maintaining privacy: the client identifier is transmitted encrypted, the server does not learn the result of the query, and the client does not learn details about the set of identifiers on the server, other than whether the queried identifier is or is not a member of the set.

“Users may, for example, want to verify whether a computer application is on a block list of known harmful software before executing it.” We built Private Set Membership to execute this work while respecting our users’ privacy because the set’s contents and the requested items are often sensitive,” Google notes.

Chrome OS devices will use the privacy-focused protocol to finish the enrollment process, which entails confirming device information with Google, such as whether it is enterprise enrolled or pre-packaged with a licence, starting with Chrome 94, according to Google.

“When using Private Set Membership, we protect your Chrome OS devices during the enrollment process by guaranteeing that no information leaves the device that could be decrypted by others.” Google claims that “devices will not learn any superfluous information about other devices” and that “Google will never learn any device information.”

SEE ALSO:
Passwords for Google Stored Unhashed G Suite over a decade

Private Set Membership, which is open source, uses Google’s free source homomorphic encryption library and oblivious hashing, a cryptographic approach in which two parties can jointly compute a hash while keeping each of their contributions concealed.

Devices may verify allow or block lists in a privacy-preserving manner using Private Set Membership, according to Google, and control flows with conditional membership checks are conceivable while ensuring that no data leaves the device.

“We still have a long way to go before devices employ Private Set Membership for universal membership checks.” At Google, we’re looking into a few different ways to secure your privacy using Private Set Membership. The business claims, “We are pleased to continue improving state-of-the-art cryptography research to keep you safe.”

Previous Post
ITIL

Information Technology Infrastructure Library

Next Post
Data Protection

China Would Need Government Approval to Transfer Important Data Abroad

Related Posts