Patents by Inventor Payman Mohassel

Payman Mohassel has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 11368308
    Abstract: Techniques of authenticating a first device of a user to a second device are disclosed. The method enables the second device to perform authentication using a biometric template stored on the first device and a biometric measurement. Homomorphic encryption may be used by the first device to encrypt the biometric template and the second device to determine an encrypted similarity metric between the biometric template and the biometric measurement. The second device can also determine an encrypted code using an authentication function and the encrypted similarity metric. The second device sends the encrypted code and the encrypted similarity metric to be decrypted by the first device. The second device can receive a response from the first device, indicating whether a decrypted similarity metric exceeds a threshold; and whether the decrypted code matches a test code. The second device can then authenticate the user based on the response.
    Type: Grant
    Filed: January 9, 2020
    Date of Patent: June 21, 2022
    Assignee: Visa International Service Association
    Inventors: Payman Mohassel, Shashank Agrawal, Pratyay Mukherjee, Saikrishna Badrinarayanan
  • Publication number: 20220092216
    Abstract: Methods and systems according to embodiments of the invention provide for a framework for privacy-preserving machine learning which can be used to obtain solutions for training linear regression, logistic regression and neural network models. Embodiments of the invention are in a three-server model, wherein data owners secret-share their data among three servers who train and evaluate models on the joint data using three-party computation (3PC). Embodiments of the invention provide for efficient conversions between arithmetic, binary, and Yao 3PC, as well as techniques for fixed-point multiplication and truncation of shared decimal values. Embodiments also provide customized protocols for evaluating polynomial piecewise functions and a three-party oblivious transfer protocol.
    Type: Application
    Filed: December 1, 2021
    Publication date: March 24, 2022
    Inventors: Payman Mohassel, Peter Rindal
  • Patent number: 11222138
    Abstract: Methods and systems according to embodiments of the invention provide for a framework for privacy-preserving machine learning which can be used to obtain solutions for training linear regression, logistic regression and neural network models. Embodiments of the invention are in a three-server model, wherein data owners secret-share their data among three servers who train and evaluate models on the joint data using three-party computation (3PC). Embodiments of the invention provide for efficient conversions between arithmetic, binary, and Yao 3PC, as well as techniques for fixed-point multiplication and truncation of shared decimal values. Embodiments also provide customized protocols for evaluating polynomial piecewise functions and a three-party oblivious transfer protocol.
    Type: Grant
    Filed: July 17, 2018
    Date of Patent: January 11, 2022
    Assignee: Visa International Service Association
    Inventors: Payman Mohassel, Peter Rindal
  • Patent number: 11216588
    Abstract: A cross-measurement system gathers data from a set of publishers to determine cross-publisher statistics about content provided on multiple online platforms associated with different publishers. The cross-measurement system receives a set of publisher-specific Bloom filters associated with content exposure of a content set by each of the multiple publishers. using the received publisher-specific Bloom filters, the cross-measurement system generates a cross-publisher Bloom filter, for example, by combining the publisher-specific Bloom filters. Then, the cross-measurement system analyzes the cross-publisher Bloom filter to determine cross-publisher statistics reflecting the content exposure of the content set across the set of publishers, such as a cross-publisher reach of the content set.
    Type: Grant
    Filed: May 21, 2020
    Date of Patent: January 4, 2022
    Assignee: Meta Platforms, Inc.
    Inventors: Ran An, Payman Mohassel, Sanjay Kanaka Sai Tirupattur Saravanan
  • Publication number: 20210409405
    Abstract: An initiator device can broadcast a witness request to one or more authentication devices. The one or more authentication devices can then determine an assurance level from a range of assurance levels and determine a token share corresponding to the assurance level. The initiator device can then receive, from the one or more authentication devices, at least one witness response comprising the token share corresponding to the assurance level. The initiator device can generate an authentication token using a set of token shares. The initiator device can then transmit the authentication token to an authentication server, wherein the authentication server verifies the authentication token.
    Type: Application
    Filed: August 30, 2019
    Publication date: December 30, 2021
    Inventors: Mastooreh Salajegheh, Shashank Agrawal, Eric Le Saint, Payman Mohassel, Mihai Christodorescu
  • Publication number: 20210336792
    Abstract: Systems, methods, and apparatuses of using biometric information to authenticate a first device of a user to a second device are described herein. A method includes storing, by the first device, a first key share of a private key and a first template share of a biometric template of the user. The second device stores a public key, and one or more other devices of the user store other key shares and other template shares. The first device receives a challenge message from the second device, measures biometric features of the user to obtain a measurement vector, and sends the measurement vector and the challenge message to the other devices. The first device receives partial computations, generated using a respective template share, key share, and the challenge message, from the other devices, uses them to generate a signature of the challenge message and send the signature to the second device.
    Type: Application
    Filed: October 4, 2019
    Publication date: October 28, 2021
    Inventors: Shashank Agrawal, Saikrishna Badrinarayanan, Payman Mohassel, Pratyay Mukherjee
  • Publication number: 20210336789
    Abstract: The present disclosure relates to systems, non-transitory computer-readable media, and methods for generating decentralized, privacy-preserving cryptographic proofs of liabilities in connection with immutable databases. In particular, in one or more embodiments, the disclosed systems enable an entity to transparently and accurately report its total amount of liabilities, obligations or other data related to fungible negative reports without exposing any user data or sensitive system data (e.g., the liabilities structure). Furthermore, the disclosed systems can generate a cryptographic proof of liability that allows individual users to independently verify that their committed liability is included in a reported total liability.
    Type: Application
    Filed: March 19, 2021
    Publication date: October 28, 2021
    Inventors: Konstantinos Chalkias, Kevin Lewi, Payman Mohassel, Valeria Olegovna Nikolaenko
  • Patent number: 11108565
    Abstract: Embodiments of the invention can establish secure communications using a single non-traceable request message from a first computer and a single non-traceable response message from a second computer. Non-traceability may be provided through the use of blinding factors. The request and response messages can also include signatures that provide for non-repudiation. In addition, the encryption of the request and response message is not based on the static keys pairs, which are used for validation of the signatures. As such, perfect forward secrecy is maintained.
    Type: Grant
    Filed: April 16, 2019
    Date of Patent: August 31, 2021
    Assignee: VISA INTERNATIONAL SERVICE ASSOCIATION
    Inventors: Eric Le Saint, Payman Mohassel
  • Publication number: 20210243026
    Abstract: Embodiments disclosed herein are directed to methods and systems of password-based threshold authentication, which distributes the role of an authentication server among multiple servers. Any t servers can collectively verify passwords and generate authentication tokens, while no t?1 servers can forge a valid token or mount offline dictionary attacks.
    Type: Application
    Filed: October 15, 2018
    Publication date: August 5, 2021
    Inventors: Payman Mohassel, Shashank Agrawal, Pratyay Mukherjee, Peihan Miao
  • Publication number: 20210209247
    Abstract: Methods and systems according to embodiments of the invention provide for a framework for privacy-preserving machine learning which can be used to obtain solutions for training linear regression, logistic regression and neural network models. Embodiments of the invention are in a three-server model, wherein data owners secret-share their data among three servers who train and evaluate models on the joint data using three-party computation (3PC). Embodiments of the invention provide for efficient conversions between arithmetic, binary, and Yao 3PC, as well as techniques for fixed-point multiplication and truncation of shared decimal values. Embodiments also provide customized protocols for evaluating polynomial piecewise functions and a three-party oblivious transfer protocol.
    Type: Application
    Filed: July 17, 2018
    Publication date: July 8, 2021
    Inventors: Payman Mohassel, Peter Rindal
  • Publication number: 20210192509
    Abstract: Methods are provided for maintaining user privacy, and may include establishing a secret key for communication between a plurality of user devices, the plurality of user devices including a first user device associated with a requesting user and a second user device associated with a second user, wherein at least one server computer does not have access to the secret key; receiving from the first user device, a split-payment request message comprising encrypted data, the encrypted data included in the split-payment request message encrypted based on the secret key; generating an encrypted balance for the requesting user and the second user based on the encrypted data of the split-payment request message; and transmitting to the second user device, a split-payment confirmation message including the encrypted balance for the requesting user and/or the second user. Systems and computer program products are also provided.
    Type: Application
    Filed: August 29, 2019
    Publication date: June 24, 2021
    Inventors: Saba Eskandarian, Payman Mohassel, Mihai Christodorescu
  • Publication number: 20210133587
    Abstract: Described herein are systems and techniques for privacy-preserving unsupervised learning. The disclosed system and methods can enable separate computers, operated by separate entities, to perform unsupervised learning jointly based on a pool of their respective data, while preserving privacy. The system improves efficiency and scalability, while preserving privacy and avoids leaking a cluster identification. The system can jointly compute a secure distance via privacy-preserving multiplication of respective data values x and y from the computers based on a 1-out-of-N oblivious transfer (OT). In various embodiments, N may be 2, 4, or some other number of shares. A first computer can express its data value x in base-N. A second computer can form an √óN matrix comprising random numbers mi,0 and the remaining elements mi,j=(yjNi-mi,0) mod . The first computer can receive an output vector from the OT, having components mi=(yxi Ni-mi,0) mod .
    Type: Application
    Filed: November 6, 2019
    Publication date: May 6, 2021
    Inventors: Payman Mohassel, Ni Trieu
  • Patent number: 10990617
    Abstract: The present teaching relates to searching encrypted data. In one example, a search request is received for encrypted documents. An encrypted query is generated based on the search request. The encrypted query is sent to a server that stores a first encrypted index and a second encrypted index. The first encrypted index maps encrypted keywords to full blocks each of which has a same size and is fully filled with encrypted document identities (IDs). The second encrypted index maps encrypted keywords to partial blocks each of which has the same size and is partially filled with encrypted document IDs. Based on the encrypted query, one or more encrypted document IDs are determined by searching against both the first encrypted index and the second encrypted index. A search result is generated based on the one or more encrypted document IDs. The search result is provided in response to the search request.
    Type: Grant
    Filed: September 21, 2018
    Date of Patent: April 27, 2021
    Assignee: Verizon Media Inc.
    Inventors: Payman Mohassel, Ian Miers
  • Publication number: 20200279258
    Abstract: Systems, methods, and computer readable media are provided for improving the usability of a cryptogram generated in a first cryptographic protocol such as triple-DES. The methods may generate a first cryptogram using a first identifier in a first cryptographic protocol, stored in a key store within an insecure memory of the mobile communication device, generate, within a secure memory of the mobile communication device, a second cryptogram using a second identifier in a second cryptographic protocol, stored in the secure memory, combining, the first cryptogram and a number of characters of the second cryptogram equal to the length of the first cryptogram to generate a third cryptogram and transmitting the third cryptogram to an payment processing network to validate a transaction. A transaction associated with the third cryptogram may be validated by an authorization entity or an issue entity.
    Type: Application
    Filed: September 26, 2019
    Publication date: September 3, 2020
    Inventors: Shashank Agrawal, Dmitri Bannikov, Atul Luykx, Payman Mohassel, Sergey Smirnoff, Selvaganesh Vasudevan, Gaven Watson
  • Publication number: 20200259651
    Abstract: Systems and methods for threshold authenticated encryption are provided. A collection of cryptographic devices may encrypt or decrypt a message, provided that a threshold number of those devices participate in the encryption process. One cryptographic device may generate a commitment message and transmit it to the other selected devices. Those devices may each perform a partial computation using the commitment message, and transmit the partial computations back to the encrypting or decrypting device. The encrypting or decrypting device may use those partial computations to produce a cryptographic key, which may then be used to encrypt or decrypt the message.
    Type: Application
    Filed: October 30, 2017
    Publication date: August 13, 2020
    Inventors: Payman Mohassel, Pratyay Mukherjee, Shashank Agrawal, Eric Le Saint
  • Patent number: 10740366
    Abstract: The present teaching relates to searching encrypted data. In one example, a search request is received for encrypted documents. An encrypted query is generated based on the search request. The encrypted query is sent to a server that stores a first encrypted index and a second encrypted index. The first encrypted index maps encrypted keywords to full blocks each of which has a same size and is fully filled with encrypted document identities (IDs). The second encrypted index maps encrypted keywords to partial blocks each of which has the same size and is partially filled with encrypted document IDs. Based on the encrypted query, one or more encrypted document IDs are determined by searching against both the first encrypted index and the second encrypted index. A search result is generated based on the one or more encrypted document IDs. The search result is provided in response to the search request.
    Type: Grant
    Filed: August 29, 2018
    Date of Patent: August 11, 2020
    Assignee: Oath Inc.
    Inventors: Payman Mohassel, Ian Miers
  • Publication number: 20200242466
    Abstract: New and efficient protocols are provided for privacy-preserving machine learning training (e.g., for linear regression, logistic regression and neural network using the stochastic gradient descent method). A protocols can use the two-server model, where data owners distribute their private data among two non-colluding servers, which train various models on the joint data using secure two-party computation (2PC). New techniques support secure arithmetic operations on shared decimal numbers, and propose MPC-friendly alternatives to non-linear functions, such as sigmoid and softmax.
    Type: Application
    Filed: March 22, 2017
    Publication date: July 30, 2020
    Inventors: Payman Mohassel, Yupeng Zhang
  • Publication number: 20200228341
    Abstract: Techniques of authenticating a first device of a user to a second device are disclosed. The method enables the second device to perform authentication using a biometric template stored on the first device and a biometric measurement. Homomorphic encryption may be used by the first device to encrypt the biometric template and the second device to determine an encrypted similarity metric between the biometric template and the biometric measurement. The second device can also determine an encrypted code using an authentication function and the encrypted similarity metric. The second device sends the encrypted code and the encrypted similarity metric to be decrypted by the first device. The second device can receive a response from the first device, indicating whether a decrypted similarity metric exceeds a threshold; and whether the decrypted code matches a test code. The second device can then authenticate the user based on the response.
    Type: Application
    Filed: January 9, 2020
    Publication date: July 16, 2020
    Inventors: Payman Mohassel, Shashank Agrawal, Pratyay Mukherjee, Saikrishna Badrinarayanan
  • Publication number: 20200219099
    Abstract: Disclosed is a system, method, and computer program product for determining solvency of a digital asset exchange system. The method includes identifying a plurality of blockchain addresses corresponding to a plurality of users of the digital asset exchange system, generating a first commitment to an amount of digital assets corresponding to the plurality of blockchain addresses, generating a second commitment to a balance of each user of the plurality of users, generating a first component of a zero-knowledge algorithm configured to receive, as input, the first commitment, and to output a value generated based on each public key, generating a second component of the zero-knowledge algorithm configured to receive, as input, the second commitment, and to output a value generated based on each user balance, and determining, with at least one processor, that the digital asset exchange system is solvent based on the zero-knowledge algorithm.
    Type: Application
    Filed: July 2, 2018
    Publication date: July 9, 2020
    Inventors: Payman Mohassel, Shashank Agrawal, Chaya Ganesh
  • Patent number: 10637652
    Abstract: The present teaching relates to exchanging a key with a device. In one example, a secret value is generated. A message is transmitted to the device. The message includes information related to the secret value based on which the device is to create a cryptographic key. A visual code displayed on the device is captured. The visual code includes a first piece of information and a second piece of information. A key value is generated based on the first piece of information and the secret value. A test value is calculated based on the key value. It is determined whether the device is securely connected based on the test value.
    Type: Grant
    Filed: May 20, 2019
    Date of Patent: April 28, 2020
    Assignee: Oath Inc.
    Inventors: Juan Garay, Payman Mohassel, David Gil