9 research outputs found
Private Handshakes
Private handshaking allows pairs of users to determine which (secret) groups
they are both a member of. Group membership is kept secret to everybody else.
Private handshaking is a more private form of secret handshaking, because it
does not allow the group administrator to trace users. We extend the original
definition of a handshaking protocol to allow and test for membership of
multiple groups simultaneously. We present simple and efficient protocols for
both the single group and multiple group membership case.
Private handshaking is a useful tool for mutual authentication, demanded by
many pervasive applications (including RFID) for privacy. Our implementations
are efficient enough to support such usually resource constrained scenarios
Improved Secure Efficient Delegated Private Set Intersection
Private Set Intersection (PSI) is a vital cryptographic technique used for
securely computing common data of different sets. In PSI protocols, often two
parties hope to find their common set elements without needing to disclose
their uncommon ones. In recent years, the cloud has been playing an influential
role in PSI protocols which often need huge computational tasks. In 2017, Abadi
et al. introduced a scheme named EO-PSI which uses a cloud to pass on the main
computations to it and does not include any public-key operations. In EO-PSI,
parties need to set up secure channels beforehand; otherwise, an attacker can
easily eavesdrop on communications between honest parties and find private
information. This paper presents an improved EO-PSI scheme which has the edge
over the previous scheme in terms of privacy and complexity. By providing
possible attacks on the prior scheme, we show the necessity of using secure
channels between parties. Also, our proposed protocol is secure against passive
attacks without having to have any secure channels. We measure the protocol's
overhead and show that computational complexity is considerably reduced and
also is fairer compared to the previous scheme.
Comment: 6 pages, presented in proceedings of the 28th Iranian Conference on
Electrical Engineering (ICEE 2020). Final version of the paper has been adde
The Prom Problem: Fair and Privacy-Enhanced Matchmaking with Identity Linked Wishes
In the Prom Problem (TPP), Alice wishes to attend a school dance with Bob and needs a risk-free, privacy preserving way to find out whether Bob shares that same wish. If not, no one should know that she inquired about it, not even Bob. TPP represents a special class of matchmaking challenges, augmenting the properties of privacy-enhanced matchmaking, further requiring fairness and support for identity linked wishes (ILW) – wishes involving specific identities that are only valid if all involved parties have those same wishes.
The Horne-Nair (HN) protocol was proposed as a solution to TPP along with a sample pseudo-code embodiment leveraging an untrusted matchmaker. Neither identities nor pseudo-identities are included in any messages or stored in the matchmaker’s database. Privacy relevant data stay within user control. A security analysis and proof-of-concept implementation validated the approach, fairness was quantified, and a feasibility analysis demonstrated practicality in real-world networks and systems, thereby bounding risk prior to incurring the full costs of development.
The SecretMatch™ Prom app leverages one embodiment of the patented HN protocol to achieve privacy-enhanced and fair matchmaking with ILW. The endeavor led to practical lessons learned and recommendations for privacy engineering in an era of rapidly evolving privacy legislation. Next steps include design of SecretMatch™ apps for contexts like voting negotiations in legislative bodies and executive recruiting. The roadmap toward a quantum resistant SecretMatch™ began with design of a Hybrid Post-Quantum Horne-Nair (HPQHN) protocol. Future directions include enhancements to HPQHN, a fully Post Quantum HN protocol, and more