Simulating Private Information Retrieval on Amazon Web Services

As our modern lives have gradually moved more and more online, companies and state actors have taken it upon themselves to gather and analyze our behavior online, and as these actors have gradually shown just how much they know about a private user, or a group of users, a concern for privacy has grown accordingly. A virtual private network service could help anonymize a user, but the providers of services usually log what services they provide, which can provide identifying information. Research in privacy measures have thus become a larger topic in recent time. Private information retrieval allows a user to query a database without revealing to the server any information about the information queried, and if effective enough, could provide perfect privacy to everyone. In this thesis, we examine a state-of-the-art efficient private information retrieval scheme and study every step in the protocol in a simulation implemented on Amazon’s cloud computing services.Masteroppgave i informatikkINF399MAMN-PROGMAMN-IN

The Capacity of Single-Server Weakly-Private Information Retrieval

A private information retrieval (PIR) protocol guarantees that a user can privately retrieve files stored in a database without revealing any information about the identity of the requested file. Existing information-theoretic PIR protocols ensure perfect privacy, i.e., zero information leakage to the servers storing the database, but at the cost of high download. In this work, we present weakly-private information retrieval (WPIR) schemes that trade off perfect privacy to improve the download cost when the database is stored on a single server. We study the tradeoff between the download cost and information leakage in terms of mutual information (MI) and maximal leakage (MaxL) privacy metrics. By relating the WPIR problem to rate-distortion theory, the download-leakage function, which is defined as the minimum required download cost of all single-server WPIR schemes for a given level of information leakage and a fixed file size, is introduced. By characterizing the download-leakage function for the MI and MaxL metrics, the capacity of single-server WPIR is fully described.Comment: To appear in IEEE Journal of Selected Areas in Information Theory (JSAIT), Special Issue on Privacy and Security of Information Systems, 202

Quantum surveillance and 'shared secrets'. A biometric step too far? CEPS Liberty and Security in Europe, July 2010

It is no longer sensible to regard biometrics as having neutral socio-economic, legal and political impacts. Newer generation biometrics are fluid and include behavioural and emotional data that can be combined with other data. Therefore, a range of issues needs to be reviewed in light of the increasing privatisation of ‘security’ that escapes effective, democratic parliamentary and regulatory control and oversight at national, international and EU levels, argues Juliet Lodge, Professor and co-Director of the Jean Monnet European Centre of Excellence at the University of Leeds, U

Privacy-Aware Recommender Systems Challenge on Twitter's Home Timeline

Recommender systems constitute the core engine of most social network platforms nowadays, aiming to maximize user satisfaction along with other key business objectives. Twitter is no exception. Despite the fact that Twitter data has been extensively used to understand socioeconomic and political phenomena and user behaviour, the implicit feedback provided by users on Tweets through their engagements on the Home Timeline has only been explored to a limited extent. At the same time, there is a lack of large-scale public social network datasets that would enable the scientific community to both benchmark and build more powerful and comprehensive models that tailor content to user interests. By releasing an original dataset of 160 million Tweets along with engagement information, Twitter aims to address exactly that. During this release, special attention is drawn on maintaining compliance with existing privacy laws. Apart from user privacy, this paper touches on the key challenges faced by researchers and professionals striving to predict user engagements. It further describes the key aspects of the RecSys 2020 Challenge that was organized by ACM RecSys in partnership with Twitter using this dataset.Comment: 16 pages, 2 table

KL 발산 및 JS 발산에 따른 정보 누출이 있는 개인 정보 검색

학위논문 (박사) -- 서울대학교 대학원 : 공과대학 전기·정보공학부, 2021. 2. 노종선.In this dissertation, two main contributions are given as; Private information retrieval with information leakage under the Kullback-Leibler divergence is formulated and solved. Private information retrieval with information leakage under the Jensen-Shannon divergence is formulated and solved. First, the private information retrieval (PIR) problem with information leakage is proposed with the Kullback-Leibler (KL) divergence. The amount of information leakage is measured by the KL divergence. The divergence is from the given reference probability distribution causing no information leakage in the PIR system to an arbitrary probability distribution of user's choice. Information leakage can be helpful in terms of the performance of the PIR system, that is, the download cost. In other words, allowing information leakage enables us to reduce the download cost of the PIR problem. We want to restrict the problem as efficiently as possible, and thus, the optimal tradeoff between the information leakage and the download cost is being considered. The problem is formulated as an optimization problem and solved using convex optimization. Furthermore, we propose an alternative PIR scheme with less message length that shows a better tradeoff than the existing PIR scheme in some tradeoff intervals. Second, the same private information retrieval problem with information leakage is proposed but with the Jensen-Shannon (JS) divergence. The JS divergence is based on the KL divergence. The divergence occurs from the difference in probability distributions among the user's desired messages. Similar to the KL divergence, it captures the dissimilarity among the probability distributions but with some desirable features. One of the advantages it gives is that it can measure the dissimilarity of more than two probability distributions, which makes the problem more general. More specifically, the problem formulated with JS divergence does not need the given reference probability distribution causing no information leakage in the PIR system. The tradeoff between the information leakage measured by the JS divergence and the download cost is formulated as a convex optimization problem and solved with numerical solutions.이 논문에서의 두 가지 주요 공헌은 다음과 같다. Kullback-Leibler 발산으로 측정한 정보 누출이 존재하는 개인 정보 검색 문제를 만들고 해결하였다. Jensen-Shannon 발산으로 측정한 정보 누출이 존재하는 개인 정보 검색 문제를 만들고 해결하였다. 첫째로, Kullback-Leibler 발산을 사용하여 정보 누출이 존재하는 개인 정보 검색 문제를 제안한다. 정보 누출량은 Kullback-Leibler 발산으로 측정된다. 발산이 가지는 의미는 개인 정보 검색 시스템에 누출이 없게 되는 기준이 되는 특정 분포로부터 사용자가 선택할 수 있는 임의 분포로의 차이를 측정한 것이다. 정보 누출은 개인 정보 검색 시스템의 성능인 다운로드 비용 측면에서 도움을 줄 수 있다. 가능한 한 효율적으로 정보 누출을 이용하는 방법을 찾고자 하였으며 정보 누출과 다운로드 비용 간의 최적의 균형 지점을 찾는 문제를 제시하였다. 이 문제는 컨벡스 최적화 문제로 만들어 해결하였다. 또한, 일부 트레이드 오프 구간에서 기존의 개인 정보 검색 방식보다 더 나은 성능을 보여주는 메시지 길이가 더 짧은 개인 정보 검색 방식을 제안하였다. 둘째로, Jensen-Shannon 발산을 사용하여 정보 누출이 존재하는 개인 정보 검색 문제를 제안한다. Jensen-Shannon 발산은 Kullback-Leibler 발산을 기반으로 하는 확률 분포 사이의 비유사성을 나타내는 값이다. 사용자가 원하는 메시지가 무엇이냐에 따라 사용자가 선택할 수 있는 확률 분포의 차이가 발생하고 그 확률 분포들 간의 발산을 측정한다. Jensen-Shannon 발산에는 몇 가지 적절한 특징이 있는데 그 중 하나는 3 개 이상의 확률 분포 간의 비유사성을 측정할 수 있다는 것이다. 이를 이용하여 Jensen-Shannon 발산으로 공식화 된 문제에는 개인 정보 검색 시스템에 누출이 없게 되는 기준이 되는 특정 분포가 필요하지 않다. Jensen-Shannon 발산으로 측정된 정보 누출과 다운로드 비용 간의 균형 지점은 컨벡스 최적화 문제로 만들 수 있으며, 시뮬레이션을 통한 솔루션이 제시되었다.Abstract Contents List of Tables List of Figures 1 Introduction 1 1.1 Background 1 1.2 Overview of Dissertation 2 1.3 Notations 4 2 Preliminaries 5 2.1 Private Information Retrieval 5 2.2 Information Leakage in PIR 9 2.3 Convex Optimization 11 3 PIR with Information Leakage under the Kullback-Leibler Divergence 13 3.1 Introduction 13 3.2 Problem Formulation under the Kullback-Leibler Divergence 14 3.3 Achievable Scheme under the Kullback-Leibler Divergence 16 3.3.1 Probabilistic Query Generation 16 3.3.2 Example of Symmetric TSC Scheme with N = 2,K = 2 20 3.3.3 Example of Symmetric TSC Scheme with N = 3,K = 2 23 3.3.4 Example of Symmetric TSC Scheme with N = 3,K = 3 24 3.3.5 Probabilistic PIR Scheme with General N,K 27 3.4 Optimal Tradeoff Between Information Leakage and Download Cost under the Kullback-Leibler Divergence 29 3.4.1 Optimization of Probability Distribution 30 3.4.2 Optimal Tradeoff Between Information Leakage and Download Cost 35 3.4.3 Numerical Analysis with Examples 35 3.5 Alternative Probabilistic PIR Scheme 37 3.5.1 The Proposed Alternative PIR Scheme 44 3.5.2 Alternative Optimal Tradeoff Between Information Leakage and Download Cost 50 3.5.3 Numerical Analysis of the Proposed Alternative Scheme 51 4 PIR with Information Leakage under the Jensen-Shannon Divergence 59 4.1 Introduction 59 4.2 Problem Formulation under the Jensen-Shannon Divergence 62 4.3 Achievable Scheme under the Jensen-Shannon Divergence 64 4.3.1 Probabilistic Query Generation 64 4.3.2 Example of Symmetric TSC Scheme with N = 2,K = 2 65 4.3.3 Example of Symmetric TSC Scheme with N = 3,K = 2 69 4.4 Optimal Tradeoff Between Information Leakage and Download Cost under the Jensen-Shannon Divergence 69 4.4.1 Optimization Problem with General N,K 69 4.4.2 Numerical Analysis with Examples 73 5 Conclusions 77 Abstract (In Korean) 83Docto

Double Blind TT-Private Information Retrieval

Double blind $T$-private information retrieval (DB-TPIR) enables two users, each of whom specifies an index ($\theta_1, \theta_2$, resp.), to efficiently retrieve a message $W(\theta_1,\theta_2)$ labeled by the two indices, from a set of $N$ servers that store all messages $W(k_1,k_2), k_1\in\{1,2,\cdots,K_1\}, k_2\in\{1,2,\cdots,K_2\}$, such that the two users' indices are kept private from any set of up to $T_1,T_2$ colluding servers, respectively, as well as from each other. A DB-TPIR scheme based on cross-subspace alignment is proposed in this paper, and shown to be capacity-achieving in the asymptotic setting of large number of messages and bounded latency. The scheme is then extended to $M$-way blind $X$-secure $T$-private information retrieval (MB-XS-TPIR) with multiple ($M$) indices, each belonging to a different user, arbitrary privacy levels for each index ($T_1, T_2,\cdots, T_M$), and arbitrary level of security ($X$) of data storage, so that the message $W(\theta_1,\theta_2,\cdots, \theta_M)$ can be efficiently retrieved while the stored data is held secure against collusion among up to $X$ colluding servers, the $m^{th}$ user's index is private against collusion among up to $T_m$ servers, and each user's index $\theta_m$ is private from all other users. The general scheme relies on a tensor-product based extension of cross-subspace alignment and retrieves $1-(X+T_1+\cdots+T_M)/N$ bits of desired message per bit of download.Comment: Accepted for publication in IEEE Journal on Selected Areas in Information Theory (JSAIT

Application of Asynchronous Transfer Mode (Atm) technology to Picture Archiving and Communication Systems (Pacs): A survey

Broadband Integrated Services Digital Network (R-ISDN) provides a range of narrowband and broad-band services for voice, video, and multimedia. Asynchronous Transfer Mode (ATM) has been selected by the standards bodies as the transfer mode for implementing B-ISDN; The ability to digitize images has lead to the prospect of reducing the physical space requirements, material costs, and manual labor of traditional film handling tasks in hospitals. The system which handles the acquisition, storage, and transmission of medical images is called a Picture Archiving and Communication System (PACS). The transmission system will directly impact the speed of image transfer. Today the most common transmission means used by acquisition and display station products is Ethernet. However, when considering network media, it is important to consider what the long term needs will be. Although ATM is a new standard, it is showing signs of becoming the next logical step to meet the needs of high speed networks; This thesis is a survey on ATM, and PACS. All the concepts involved in developing a PACS are presented in an orderly manner. It presents the recent developments in ATM, its applicability to PACS and the issues to be resolved for realising an ATM-based complete PACS. This work will be useful in providing the latest information, for any future research on ATM-based networks, and PACS