1,352 research outputs found
Extended Combinatorial Constructions for Peer-to-peer User-Private Information Retrieval
We consider user-private information retrieval (UPIR), an interesting
alternative to private information retrieval (PIR) introduced by Domingo-Ferrer
et al. In UPIR, the database knows which records have been retrieved, but does
not know the identity of the query issuer. The goal of UPIR is to disguise user
profiles from the database. Domingo-Ferrer et al.\ focus on using a
peer-to-peer community to construct a UPIR scheme, which we term P2P UPIR. In
this paper, we establish a strengthened model for P2P UPIR and clarify the
privacy goals of such schemes using standard terminology from the field of
privacy research. In particular, we argue that any solution providing privacy
against the database should attempt to minimize any corresponding loss of
privacy against other users. We give an analysis of existing schemes, including
a new attack by the database. Finally, we introduce and analyze two new
protocols. Whereas previous work focuses on a special type of combinatorial
design known as a configuration, our protocols make use of more general
designs. This allows for flexibility in protocol set-up, allowing for a choice
between having a dynamic scheme (in which users are permitted to enter and
leave the system), or providing increased privacy against other users.Comment: Updated version, which reflects reviewer comments and includes
expanded explanations throughout. Paper is accepted for publication by
Advances in Mathematics of Communication
Data Minimisation in Communication Protocols: A Formal Analysis Framework and Application to Identity Management
With the growing amount of personal information exchanged over the Internet,
privacy is becoming more and more a concern for users. One of the key
principles in protecting privacy is data minimisation. This principle requires
that only the minimum amount of information necessary to accomplish a certain
goal is collected and processed. "Privacy-enhancing" communication protocols
have been proposed to guarantee data minimisation in a wide range of
applications. However, currently there is no satisfactory way to assess and
compare the privacy they offer in a precise way: existing analyses are either
too informal and high-level, or specific for one particular system. In this
work, we propose a general formal framework to analyse and compare
communication protocols with respect to privacy by data minimisation. Privacy
requirements are formalised independent of a particular protocol in terms of
the knowledge of (coalitions of) actors in a three-layer model of personal
information. These requirements are then verified automatically for particular
protocols by computing this knowledge from a description of their
communication. We validate our framework in an identity management (IdM) case
study. As IdM systems are used more and more to satisfy the increasing need for
reliable on-line identification and authentication, privacy is becoming an
increasingly critical issue. We use our framework to analyse and compare four
identity management systems. Finally, we discuss the completeness and
(re)usability of the proposed framework
Efficient Verifiable Computation of XOR for Biometric Authentication
This work addresses the security and privacy issues in remotebiometric authentication by proposing an efficient mechanism to verifythe correctness of the outsourced computation in such protocols.In particular, we propose an efficient verifiable computation of XORingencrypted messages using an XOR linear message authenticationcode (MAC) and we employ the proposed scheme to build a biometricauthentication protocol. The proposed authentication protocol is bothsecure and privacy-preserving against malicious (as opposed to honest-but-curious) adversaries. Specifically, the use of the verifiable computation scheme together with an homomorphic encryption protects the privacy of biometric templates against malicious adversaries. Furthermore, in order to achieve unlinkability of authentication attempts, while keeping a low communication overhead, we show how to apply Oblivious RAM and biohashing to our protocol. We also provide a proof of security for the proposed solution. Our simulation results show that the proposed authentication protocol is efficient
Improving the Robustness of Private Information Retrieval
Since 1995, much work has been done creating protocols for private information retrieval (PIR). Many variants of the basic PIR model have been proposed, including such modifications as computational vs. information-theoretic privacy protection, correctness in the face of servers that fail to respond or that respond incorrectly, and protection of sensitive data against the database servers themselves. In this paper, we improve on the robustness of PIR in a number of ways. First, we present a Byzantine-robust PIR protocol which provides information-theoretic privacy protection against coalitions of up to all but one of the responding servers, improving the previous result by a factor of 3. In addition, our protocol allows for more of the responding servers to return incorrect information while still enabling the user to compute the correct result. We then extend our protocol so that queries have information-theoretic protection if a limited number of servers collude, as before, but still retain computational protection if they all collude. We also extend the protocol to provide informationtheoretic protection to the contents of the database against collusions of limited numbers of the database servers, at no additional communication cost or increase in the number of servers. All of our protocols retrieve a block of data with communication cost only O(ℓ) times the size of the block, where ℓ is the number of servers. Finally, we discuss our implementation of these protocols, and measure their performance in order to determine their practicality.
Unconditionally Secure Cryptography: Signature Schemes, User-Private Information Retrieval, and the Generalized Russian Cards Problem
We focus on three different types of multi-party cryptographic protocols. The first is in the area of unconditionally secure signature schemes, the goal of which is to provide users the ability to electronically sign documents without the reliance on computational assumptions needed in traditional digital signatures. The second is on cooperative protocols in which users help each other maintain privacy while querying a database, called user-private information retrieval protocols. The third is concerned with the generalized Russian cards problem, in which two card players wish to communicate their hands to each other via public announcements without the third player learning the card deal. The latter two problems have close ties to the field of combinatorial designs, and properly fit within the field of combinatorial cryptography. All of these problems have a common thread, in that they are grounded in the information-theoretically secure or unconditionally secure setting
Recommended from our members
Toward practical and private online services
Today's common online services (social networks, media streaming, messaging,
email, etc.) bring convenience. However, these services are susceptible to
privacy leaks. Certainly, email snooping by rogue employees, email server
hacks, and accidental disclosures of user ratings for movies are some
sources of private information leakage. This dissertation investigates the
following question: Can we build systems that (a) provide strong privacy
guarantees to the users, (b) are consistent with existing commercial and policy
regimes, and (c) are affordable?
Satisfying all three requirements simultaneously is challenging, as providing
strong privacy guarantees usually necessitates either sacrificing functionality,
incurring high resource costs, or both. Indeed, there are powerful cryptographic
protocols---private information retrieval (PIR), and secure two-party
computation (2PC)---that provide strong guarantees but are orders of magnitude
more expensive than their non-private counterparts. This dissertation takes
these protocols as a starting point and then substantially reduces their costs
by tailoring them using application-specific properties. It presents two
systems, Popcorn and Pretzel, built on this design ethos.
Popcorn is a Netflix-like media delivery system, that provably hides, even from
the content distributor (for example, Netflix), which movie a user is watching.
Popcorn tailors PIR protocols to the media domain. It amortizes the server-side
overhead of PIR by batching requests from the large number of concurrent users
retrieving content at any given time; and, it forms large batches without
introducing playback delays by leveraging the properties of media streaming.
Popcorn is consistent with the prevailing commercial regime (copyrights, etc.),
and its per-request dollar cost is 3.87 times that of a non-private system.
The other system described in this dissertation, Pretzel, is an email system
that encrypts emails end-to-end between senders and intended recipients, but
allows the email service provider to perform content-based spam filtering and
targeted advertising. Pretzel refines a 2PC protocol. It reduces the resource
consumption of the protocol by replacing the underlying encryption scheme with a
more efficient one, applying a packing technique to conserve invocations of the
encryption algorithm, and pruning the inputs to the protocol. Pretzel's costs,
versus a legacy non-private implementation, are estimated to be up to 5.4 times
for the email provider, with additional but modest client-side requirements.
Popcorn and Pretzel have fundamental connections. For instance, the
cryptographic protocols in both systems securely compute vector-matrix products.
However, we observe that differences in the vector and matrix dimensions lead to
different system designs.
Ultimately, both systems represent a potentially appealing compromise: sacrifice
some functionality to build in strong privacy properties at affordable costs.Computer Science
Enabling Data Confidentiality with Public Blockchains
Blockchain technology is apt to facilitate the automation of multi-party
cooperations among various players in a decentralized setting, especially in
cases where trust among participants is limited. Transactions are stored in a
ledger, a replica of which is retained by every node of the blockchain network.
The operations saved thereby are thus publicly accessible. While this aspect
enhances transparency, reliability, and persistence, it hinders the utilization
of public blockchains for process automation as it violates typical
confidentiality requirements in corporate settings. To overcome this issue, we
propose our approach named Multi-Authority Approach to Transaction Systems for
Interoperating Applications (MARTSIA). Based on Multi-Authority Attribute-Based
Encryption (MA-ABE), MARTSIA enables read-access control over shared data at
the level of message parts. User-defined policies determine whether an actor
can interpret the publicly stored information or not, depending on the actor's
attributes declared by a consortium of certifiers. Still, all nodes in the
blockchain network can attest to the publication of the (encrypted) data. We
provide a formal analysis of the security guarantees of MARTSIA, and illustrate
the proof-of-concept implementation over multiple blockchain platforms. To
demonstrate its interoperability, we showcase its usage in ensemble with a
state-of-the-art blockchain-based engine for multi-party process execution, and
three real-world decentralized applications in the context of NFT markets,
supply chain, and retail.Comment: arXiv admin note: substantial text overlap with arXiv:2303.1797
Data privacy
Data privacy studies methods, tools, and theory to avoid the disclosure of sensitive information. Its origin is in statistics with the goal to ensure the confidentiality of data gathered from census and questionnaires. The topic was latter introduced in computer science and more particularly in data mining, where due to the large amount of data currently available, has attracted the interest of researchers, practitioners, and companies. In this paper we will review the main topics related to data privacy and privacy-enhancing technologies
- …