136,969 research outputs found

    On the Power of Multiple Anonymous Messages

    An exciting new development in differential privacy is the shuffled model, in which an anonymous channel enables non-interactive, differentially private protocols with error much smaller than what is possible in the local model, while relying on weaker trust assumptions than in the central model. In this paper, we study basic counting problems in the shuffled model and establish separations between the error that can be achieved in the single-message shuffled model and in the shuffled model with multiple messages per user. For the problem of frequency estimation for $n$ users and a domain of size $B$, we obtain: - A nearly tight lower bound of $\tilde{\Omega}(\min(\sqrt[4]{n}, \sqrt{B}))$ on the error in the single-message shuffled model. This implies that the protocols obtained from the amplification via shuffling work of Erlingsson et al. (SODA 2019) and Balle et al. (Crypto 2019) are essentially optimal for single-message protocols. A key ingredient in the proof is a lower bound on the error of locally-private frequency estimation in the low-privacy (aka high $\epsilon$) regime. - Protocols in the multi-message shuffled model with $poly(\log{B}, \log{n})$ bits of communication per user and $poly\log{B}$ error, which provide an exponential improvement on the error compared to what is possible with single-message algorithms. For the related selection problem on a domain of size $B$, we prove: - A nearly tight lower bound of $\Omega(B)$ on the number of users in the single-message shuffled model. This significantly improves on the $\Omega(B^{1/17})$ lower bound obtained by Cheu et al. (Eurocrypt 2019), and when combined with their $\tilde{O}(\sqrt{B})$-error multi-message protocol, implies the first separation between single-message and multi-message protocols for this problem. Comment: 70 pages, 2 figures, 3 tables

    "On the Road" - Reflections on the Security of Vehicular Communication Systems

    Vehicular communication (VC) systems have recently drawn the attention of industry, authorities, and academia. A consensus on the need to secure VC systems and protect the privacy of their users led to concerted efforts to design security architectures. Interestingly, the results different projects contributed thus far bear extensive similarities in terms of objectives and mechanisms. As a result, this appears to be an auspicious time for setting the corner-stone of trustworthy VC systems. Nonetheless, there is a considerable distance to cover till their deployment. This paper ponders on the road ahead. First, it presents a distillation of the state of the art, covering the perceived threat model, security requirements, and basic secure VC system components. Then, it dissects predominant assumptions and design choices and considers alternatives. Under the prism of what is necessary to render secure VC systems practical, and given possible non-technical influences, the paper attempts to chart the landscape towards the deployment of secure VC systems

    Distributed Broadcasting and Mapping Protocols in Directed Anonymous Networks

    We initiate the study of distributed protocols over directed anonymous networks that are not necessarily strongly connected. In such networks, nodes are aware only of their incoming and outgoing edges, have no unique identity, and have no knowledge of the network topology or even bounds on its parameters, like the number of nodes or the network diameter. Anonymous networks are of interest in various settings such as wireless ad-hoc networks and peer to peer networks. Our goal is to create distributed protocols that reduce the uncertainty by distributing the knowledge of the network topology to all the nodes. We consider two basic protocols: broadcasting and unique label assignment. These two protocols enable a complete mapping of the network and can serve as key building blocks in more advanced protocols. We develop distributed asynchronous protocols as well as derive lower bounds on their communication complexity, total bandwidth complexity, and node label complexity. The resulting lower bounds are sometimes surprisingly high, exhibiting the complexity of topology extraction in directed anonymous networks

    Reconfigurable Security: Edge Computing-based Framework for IoT

    In various scenarios, achieving security between IoT devices is challenging since the devices may have different dedicated communication standards, resource constraints as well as various applications. In this article, we first provide requirements and existing solutions for IoT security. We then introduce a new reconfigurable security framework based on edge computing, which utilizes a near-user edge device, i.e., security agent, to simplify key management and offload the computational costs of security algorithms at IoT devices. This framework is designed to overcome the challenges including high computation costs, low flexibility in key management, and low compatibility in deploying new security algorithms in IoT, especially when adopting advanced cryptographic primitives. We also provide the design principles of the reconfigurable security framework, the exemplary security protocols for anonymous authentication and secure data access control, and the performance analysis in terms of feasibility and usability. The reconfigurable security framework paves a new way to strengthen IoT security by edge computing. Comment: under submission to possible journal publication

    Systematizing Decentralization and Privacy: Lessons from 15 Years of Research and Deployments

    Decentralized systems are a subset of distributed systems where multiple authorities control different components and no authority is fully trusted by all. This implies that any component in a decentralized system is potentially adversarial. We revise fifteen years of research on decentralization and privacy, and provide an overview of key systems, as well as key insights for designers of future systems. We show that decentralized designs can enhance privacy, integrity, and availability but also require careful trade-offs in terms of system complexity, properties provided, and degree of decentralization. These trade-offs need to be understood and navigated by designers. We argue that a combination of insights from cryptography, distributed systems, and mechanism design, aligned with the development of adequate incentives, are necessary to build scalable and successful privacy-preserving decentralized systems