4,953 research outputs found
Cryptographic Randomized Response Techniques
We develop cryptographically secure techniques to guarantee unconditional
privacy for respondents to polls. Our constructions are efficient and
practical, and are shown not to allow cheating respondents to affect the
``tally'' by more than their own vote -- which will be given the exact same
weight as that of other respondents. We demonstrate solutions to this problem
based on both traditional cryptographic techniques and quantum cryptography.Comment: 21 page
XYZ Privacy
Future autonomous vehicles will generate, collect, aggregate and consume
significant volumes of data as key gateway devices in emerging Internet of
Things scenarios. While vehicles are widely accepted as one of the most
challenging mobility contexts in which to achieve effective data
communications, less attention has been paid to the privacy of data emerging
from these vehicles. The quality and usability of such privatized data will lie
at the heart of future safe and efficient transportation solutions.
In this paper, we present the XYZ Privacy mechanism. XYZ Privacy is to our
knowledge the first such mechanism that enables data creators to submit
multiple contradictory responses to a query, whilst preserving utility measured
as the absolute error from the actual original data. The functionalities are
achieved in both a scalable and secure fashion. For instance, individual
location data can be obfuscated while preserving utility, thereby enabling the
scheme to transparently integrate with existing systems (e.g. Waze). A new
cryptographic primitive Function Secret Sharing is used to achieve
non-attributable writes and we show an order of magnitude improvement from the
default implementation.Comment: arXiv admin note: text overlap with arXiv:1708.0188
Prochlo: Strong Privacy for Analytics in the Crowd
The large-scale monitoring of computer users' software activities has become
commonplace, e.g., for application telemetry, error reporting, or demographic
profiling. This paper describes a principled systems architecture---Encode,
Shuffle, Analyze (ESA)---for performing such monitoring with high utility while
also protecting user privacy. The ESA design, and its Prochlo implementation,
are informed by our practical experiences with an existing, large deployment of
privacy-preserving software monitoring.
(cont.; see the paper
Separating Two-Round Secure Computation From Oblivious Transfer
We consider the question of minimizing the round complexity of protocols for secure multiparty computation (MPC) with security against an arbitrary number of semi-honest parties. Very recently, Garg and Srinivasan (Eurocrypt 2018) and Benhamouda and Lin (Eurocrypt 2018) constructed such 2-round MPC protocols from minimal assumptions. This was done by showing a round preserving reduction to the task of secure 2-party computation of the oblivious transfer functionality (OT). These constructions made a novel non-black-box use of the underlying OT protocol. The question remained whether this can be done by only making black-box use of 2-round OT. This is of theoretical and potentially also practical value as black-box use of primitives tends to lead to more efficient constructions.
Our main result proves that such a black-box construction is impossible, namely that non-black-box use of OT is necessary. As a corollary, a similar separation holds when starting with any 2-party functionality other than OT.
As a secondary contribution, we prove several additional results that further clarify the landscape of black-box MPC with minimal interaction. In particular, we complement the separation from 2-party functionalities by presenting a complete 4-party functionality, give evidence for the difficulty of ruling out a complete 3-party functionality and for the difficulty of ruling out black-box constructions of 3-round MPC from 2-round OT, and separate a relaxed "non-compact" variant of 2-party homomorphic secret sharing from 2-round OT
Quantifying pervasive authentication: the case of the Hancke-Kuhn protocol
As mobile devices pervade physical space, the familiar authentication
patterns are becoming insufficient: besides entity authentication, many
applications require, e.g., location authentication. Many interesting protocols
have been proposed and implemented to provide such strengthened forms of
authentication, but there are very few proofs that such protocols satisfy the
required security properties. The logical formalisms, devised for reasoning
about security protocols on standard computer networks, turn out to be
difficult to adapt for reasoning about hybrid protocols, used in pervasive and
heterogenous networks.
We refine the Dolev-Yao-style algebraic method for protocol analysis by a
probabilistic model of guessing, needed to analyze protocols that mix weak
cryptography with physical properties of nonstandard communication channels.
Applying this model, we provide a precise security proof for a proximity
authentication protocol, due to Hancke and Kuhn, that uses a subtle form of
probabilistic reasoning to achieve its goals.Comment: 31 pages, 2 figures; short version of this paper appeared in the
Proceedings of MFPS 201
DR.SGX: Hardening SGX Enclaves against Cache Attacks with Data Location Randomization
Recent research has demonstrated that Intel's SGX is vulnerable to various
software-based side-channel attacks. In particular, attacks that monitor CPU
caches shared between the victim enclave and untrusted software enable accurate
leakage of secret enclave data. Known defenses assume developer assistance,
require hardware changes, impose high overhead, or prevent only some of the
known attacks. In this paper we propose data location randomization as a novel
defensive approach to address the threat of side-channel attacks. Our main goal
is to break the link between the cache observations by the privileged adversary
and the actual data accesses by the victim. We design and implement a
compiler-based tool called DR.SGX that instruments enclave code such that data
locations are permuted at the granularity of cache lines. We realize the
permutation with the CPU's cryptographic hardware-acceleration units providing
secure randomization. To prevent correlation of repeated memory accesses we
continuously re-randomize all enclave data during execution. Our solution
effectively protects many (but not all) enclaves from cache attacks and
provides a complementary enclave hardening technique that is especially useful
against unpredictable information leakage
- …