AdVeil is a targeted advertising ecosystem with formal privacy guarantees for its users. It enables ad targeting and billing through a Broker (e.g., Google AdSense) without: 1) revealing personal user data or 2) allowing the Broker to link user identities to their ad interactions.

AdVeil uses a novel targeting protocol built using Locality-Sensitive Hashing (LSH) and Private Information Retrieval (PIR). This protocol allows users to obtain relevant ads without the Broker learning any of their data used in targeting.

In AdVeil, fraud prevention is integrated into reporting (i.e., for billing purposes) using unlinkable anonymous tokens issued by the Broker during targeting. These tokens do not allow tracking of users, but permit the Broker to prevent fraudulent reporting.

A prototype implementation of AdVeil is provided to demonstrate its applicability to a real-world deployment. Our evaluation shows that AdVeil scales to ad networks with millions of ads, using state-of-the-art single-server PIR.

AdVeil’s Properties


1. Ad Targeting

AdVeil system overview: targeting.
  1. User profile feature vector constructed locally by the client.

  2. Client learns ad IDs for the ads most relevant to their features through PIR and LSH.

  3. Client obtains a set of user-targeted ads and signed tokens for verified reporting.

2. Ad Delivery

AdVeil system overview: delivery
  1. Client retrieves ads corresponding to the ad IDs obtained in Targeting from the database.

  2. Retrieved ad is displayed on a publisher's webpage by the user's client.

3. Metrics & Reporting

AdVeil system overview: reporting
  1. User interactions generate reports (e.g. ad ID: view, ad ID: click, ad ID: conversion).

  2. User's client sends encrypted interaction report and signed token at fixed intervals.

  3. The Broker decrypts reports and validates tokens. Invalid reports are eliminated prior to computing metrics for billing.

People: Sacha Servan-Schreiber (MIT), Kyle Hogan (MIT), and Srini Devadas (MIT)