A fast single server private information retrieval protocol with low communication cost

Existing single server Private Information Retrieval (PIR) protocols are far from practical. To be practical, a single server PIR protocol has to be both communicationally and computationally efficient. In this paper, we present a single server PIR protocol that has low communication cost and is much faster than existing protocols. A major building block of the PIR protocol in this paper is a tree-based compression scheme, which we call folding/unfolding. This compression scheme enables us to lower the communication complexity to O(loglogn). The other major building block is the BGV fully homomorphic encryption scheme. We show how we design the protocol to exploit the internal parallelism of the BGV scheme. This significantly reduces the server side computational overhead and makes our protocol much faster than the existing protocols. Our protocol can be further accelerated by utilising hardware parallelism. We have built a prototype of the protocol. We report on the performance of our protocol based on the prototype and compare it with the current most efficient protocols

Location-Based Access Control In Neighborhood Geosocial Network: A Case Of Emergency Assistance

To enforce safer virtual neighborhood environment, access control is essential to specify privileges or access rights to resources in neighborhood geosocial network applications. In the case of emergency circumstances, several concerns in implementing access control have been identified: (1) inefficient message sending to irrelevant recipients (2) location spoofing (3) gossip and rumors due to disclosing information to wrong audience. To address such potential risks, access control specifically tailored for neighborhood geosocial network is required. The objective of this paper is two-fold: First, to propose an access control using density-based and position-based location conditions for neighborhood geosocial network. Second, to design mySOS, a proof-of-concept prototype that incorporate the proposed access control to improve access control for emergency assistance in neighborhood geosocial network. To achieve the objectives, a combination of proposed self-organized segmentation algorithms (density-based) and resident engagement incentives (position-based) are implemented. This study contributes to a new way for access control that will determine user profile in accessing emergency assistance features in a neighborhood geosocial network application

Privacy by Design in Distributed Mobility Data

Movement data are sensitive, because people’s whereabouts may allow re- identification of individuals in a de-identified database and thus can poten- tially reveal intimate personal traits, such as religious or sexual preferences. In this thesis, we focus on a distributed setting in which movement data from individual vehicles are collected and aggregated by a centralized station. We propose a novel approach to privacy-preserving analytical processing within such a distributed setting, and tackle the problem of obtaining aggregated traffic information while preventing privacy leakage from data collection and aggregation. We study and analyze three different solutions based on the differential privacy model and on sketching techniques for efficient data compression. Each solution achieves different a trade-off between privacy protection and utility of the transformed data. Using real-life data, we demonstrate the effectiveness of our approaches in terms of data utility preserved by the data transformation, thus bringing empirical evidence to the fact that the privacy-by-design paradigm in big data analysis has the potential of delivering high data protection combined with high quality even in massively distributed techno-social systems

Privacy-preserving spatiotemporal multicast for mobile information services

Mobile devices have become essential for accessing information services anywhere at any time. While the so-called geographic multicast (geocast) has been considered in detail in existing research, it only focuses on delivering messages to all mobile devices that are currently residing within a certain geographic area. This thesis extends this notion by introducing a Spatiotemporal Multicast (STM), which can informally be described as a "geocast into the past". Instead of addressing users based on their current locations, this concept relates to the challenge of sending a message to all devices that have resided within a geographic area at a certain time in the past. While a wide variety of applications can be envisioned for this concept, it presents several challenges to be solved. In order to deliver messages to all past visitors of a certain location, an STM service would have to fully track all user movements at all times. However, collecting this kind of information is not desirable considering the underlying privacy implications, i.e., users may not wish to be identified by the sender of a message as this can disclose sensitive personal information. Consequently, this thesis aims to provide a privacy-preserving notion of STM. In order to realize such a service, this work first presents a detailed overview of possible applications. Based on those, functional, non-functional, as well as security and privacy objectives are proposed. These objectives provide the foundation for an in-depth literature review of potential mechanisms for realizing an STM service. Among the suggested options, the most promising relies on Rendezvous Points (RPs) for datagram delivery. In simple terms, RPs represent "anonymous mailboxes" that are responsible for certain spatiotemporal regions. Messages are deposited at RPs so that users can retrieve them later on. Protecting the privacy of users then translates to obfuscating the responsibilities of RPs for specific spatiotemporal regions. This work proposes two realizations: CSTM, which relies on cryptographic hashing, and OSTM, which considers the use of order-preserving encryption in a CAN overlay. Both approaches are evaluated and compared in detail with respect to the given objectives. While OSTM yields superior performance-related properties, CSTM provides an increased ability of protecting the privacy of users.Mobilgeräte bilden heute die Grundlage allgegenwärtiger Informationsdienste. Während der sogenannte geografische Multicast (Geocast) hier bereits ausführlich erforscht worden ist, so bezieht sich dieser nur auf Geräte, welche sich aktuell innerhalb einer geografischen Zielregion befinden. Diese Arbeit erweitert dieses Konzept durch einen räumlich-zeitlichen Multicast, welcher sich informell als "Geocast in die Vergangenheit" beschreiben lässt. Dabei wird die Zustellung einer Nachricht an alle Nutzer betrachtet, die sich in der Vergangenheit an einem bestimmten Ort aufgehalten haben. Während eine Vielzahl von Anwendungen für dieses Konzept denkbar ist, so ergeben sich hier mehrere Herausforderungen. Um Nachrichten an ehemalige Besucher eines Ortes senden zu können, müsste ein räumlich-zeitlicher Multicast-Dienst die Bewegungen aller Nutzer vollständig erfassen. Aus Gründen des Datenschutzes ist das zentralisierte Sammeln solch sensibler personenbezogener Daten jedoch nicht wünschenswert. Diese Arbeit befasst sich daher insbesondere mit dem Schutz der Privatsphäre von Nutzern eines solchen Dienstes. Zur Entwicklung eines räumlich-zeitlichen Multicast-Dienstes erörtert diese Arbeit zunächst mögliche Anwendungen. Darauf aufbauend werden funktionale, nicht-funktionale, sowie Sicherheits- und Privatsphäre-relevante Anforderungen definiert. Diese bilden die Grundlage einer umfangreichen Literaturrecherche relevanter Realisierungstechniken. Der vielversprechendste Ansatz basiert hierbei auf der Hinterlegung von Nachrichten in sogenannten Rendezvous Points. Vereinfacht betrachtet stellen diese "anonyme Briefkästen" für bestimmte räumlich-zeitliche Regionen dar. Nachrichten werden in diesen so hinterlegt, dass legitime Empfänger sie dort später abholen können. Der Schutz der Nutzer-Privatsphäre entspricht dann der Verschleierung der Zuständigkeiten von Rendezvous Points für verschiedene räumlich-zeitliche Regionen. Diese Arbeit schlägt zwei Ansätze vor: CSTM, welches kryptografische Hashfunktionen nutzt, sowie OSTM, welches ordnungserhaltende Verschlüsselung in einem CAN Overlay einsetzt. Beide Optionen werden detailliert analytisch sowie empirisch bezüglich ihrer Diensteigenschaften untersucht und verglichen. Dabei zeigt sich, dass OSTM vorteilhaftere Leistungseigenschaften besitzt, während CSTM einen besseren Schutz der Nutzer-Privatsphäre bietet