9,202 research outputs found
Flexible and Robust Privacy-Preserving Implicit Authentication
Implicit authentication consists of a server authenticating a user based on
the user's usage profile, instead of/in addition to relying on something the
user explicitly knows (passwords, private keys, etc.). While implicit
authentication makes identity theft by third parties more difficult, it
requires the server to learn and store the user's usage profile. Recently, the
first privacy-preserving implicit authentication system was presented, in which
the server does not learn the user's profile. It uses an ad hoc two-party
computation protocol to compare the user's fresh sampled features against an
encrypted stored user's profile. The protocol requires storing the usage
profile and comparing against it using two different cryptosystems, one of them
order-preserving; furthermore, features must be numerical. We present here a
simpler protocol based on set intersection that has the advantages of: i)
requiring only one cryptosystem; ii) not leaking the relative order of fresh
feature samples; iii) being able to deal with any type of features (numerical
or non-numerical).
Keywords: Privacy-preserving implicit authentication, privacy-preserving set
intersection, implicit authentication, active authentication, transparent
authentication, risk mitigation, data brokers.Comment: IFIP SEC 2015-Intl. Information Security and Privacy Conference, May
26-28, 2015, IFIP AICT, Springer, to appea
Privacy-Preserving Genetic Relatedness Test
An increasing number of individuals are turning to Direct-To-Consumer (DTC)
genetic testing to learn about their predisposition to diseases, traits, and/or
ancestry. DTC companies like 23andme and Ancestry.com have started to offer
popular and affordable ancestry and genealogy tests, with services allowing
users to find unknown relatives and long-distant cousins. Naturally, access and
possible dissemination of genetic data prompts serious privacy concerns, thus
motivating the need to design efficient primitives supporting private genetic
tests. In this paper, we present an effective protocol for privacy-preserving
genetic relatedness test (PPGRT), enabling a cloud server to run relatedness
tests on input an encrypted genetic database and a test facility's encrypted
genetic sample. We reduce the test to a data matching problem and perform it,
privately, using searchable encryption. Finally, a performance evaluation of
hamming distance based PP-GRT attests to the practicality of our proposals.Comment: A preliminary version of this paper appears in the Proceedings of the
3rd International Workshop on Genome Privacy and Security (GenoPri'16
k-Nearest Neighbor Classification over Semantically Secure Encrypted Relational Data
Data Mining has wide applications in many areas such as banking, medicine,
scientific research and among government agencies. Classification is one of the
commonly used tasks in data mining applications. For the past decade, due to
the rise of various privacy issues, many theoretical and practical solutions to
the classification problem have been proposed under different security models.
However, with the recent popularity of cloud computing, users now have the
opportunity to outsource their data, in encrypted form, as well as the data
mining tasks to the cloud. Since the data on the cloud is in encrypted form,
existing privacy preserving classification techniques are not applicable. In
this paper, we focus on solving the classification problem over encrypted data.
In particular, we propose a secure k-NN classifier over encrypted data in the
cloud. The proposed k-NN protocol protects the confidentiality of the data,
user's input query, and data access patterns. To the best of our knowledge, our
work is the first to develop a secure k-NN classifier over encrypted data under
the semi-honest model. Also, we empirically analyze the efficiency of our
solution through various experiments.Comment: 29 pages, 2 figures, 3 tables arXiv admin note: substantial text
overlap with arXiv:1307.482
- …