99,355 research outputs found

    Private Matching for Compute

    Get PDF
    We revisit the problem of two-party private set intersection for aggregate computation which we refer to as private matching for compute. In this problem, two parties want to perform various downstream computation on the intersection of their two datasets according to a previously agreed-upon identifier. We observe that prior solutions to this problem have important limitations. For example, any change or update to the records in either party\u27s dataset triggers a rerun of the private matching component; and it is not clear how to support a streaming arrival of one party\u27s set in small batches without revealing the match rate for each individual batch. We introduce two new formulations of the private matching for compute problem meeting these requirements, called private-ID and streaming private secret shared set intersection, and design new DDH-based constructions for both. Our implementation shows that when taking advantage of the inherent parallelizability of these solutions, we can execute the matching for datasets of size upto 100 million records within an hour

    Delegated Private Matching for Compute

    Get PDF
    Private matching for compute (PMC) establishes a match between two datasets owned by mutually distrusted parties (CC and PP) and allows the parties to input more data for the matched records for arbitrary downstream secure computation without rerunning the private matching component. The state-of-the-art PMC protocols only support two parties and assume that both parties can participate in computationally intensive secure computation. We observe that such operational overhead limits the adoption of these protocols to solely powerful entities as small data owners or devices with minimal computing power will not be able to participate. We introduce two protocols to delegate PMC from party PP to untrusted cloud servers, called delegates, allowing multiple smaller PP parties to provide inputs containing identifiers and associated values. Our Delegated Private Matching for Compute protocols, called DPMC and Ds_sPMC, establish a join between the datasets of party CC and multiple delegators PP based on multiple identifiers and compute secret shares of associated values for the identifiers that the parties have in common. We introduce a rerandomizable encrypted oblivious pseudorandom function (OPRF) primitive, called EO, which allows two parties to encrypt, mask, and shuffle their data. Note that EO may be of independent interest. Our Ds_sPMC protocol limits the leakages of DPMC by combining our EO scheme and secure three-party shuffling. Finally, our implementation demonstrates the efficiency of our constructions by outperforming related works by approximately 10×10\times for the total protocol execution and by at least 20×20\times for the computation on the delegators

    Revealing Network Structure, Confidentially: Improved Rates for Node-Private Graphon Estimation

    Full text link
    Motivated by growing concerns over ensuring privacy on social networks, we develop new algorithms and impossibility results for fitting complex statistical models to network data subject to rigorous privacy guarantees. We consider the so-called node-differentially private algorithms, which compute information about a graph or network while provably revealing almost no information about the presence or absence of a particular node in the graph. We provide new algorithms for node-differentially private estimation for a popular and expressive family of network models: stochastic block models and their generalization, graphons. Our algorithms improve on prior work, reducing their error quadratically and matching, in many regimes, the optimal nonprivate algorithm. We also show that for the simplest random graph models (G(n,p)G(n,p) and G(n,m)G(n,m)), node-private algorithms can be qualitatively more accurate than for more complex models---converging at a rate of 1ϵ2n3\frac{1}{\epsilon^2 n^{3}} instead of 1ϵ2n2\frac{1}{\epsilon^2 n^2}. This result uses a new extension lemma for differentially private algorithms that we hope will be broadly useful

    Security and Privacy in Online Social Networks

    Get PDF
    The explosive growth of Online Social Networks (OSNs) over the past few years has redefined the way people interact with existing friends and especially make new friends. OSNs have also become a great new marketplace for trade among the users. However, the associated privacy risks make users vulnerable to severe privacy threats. In this dissertation, we design protocols for private distributed social proximity matching and a private distributed auction based marketplace framework for OSNs. In particular, an OSN user looks for matching profile attributes when trying to broaden his/her social circle. However, revealing private attributes is a potential privacy threat. Distributed private profile matching in OSNs mainly involves using cryptographic tools to compute profile attributes matching privately such that no participating user knows more than the common profile attributes. In this work, we define a new asymmetric distributed social proximity measure between two users in an OSN by taking into account the weighted profile attributes (communities) of the users and that of their friends’. For users with different privacy requirements, we design three private proximity matching protocols with increasing privacy levels. Our protocol with highest privacy level ensures that each user’s proximity threshold is satisfied before revealing any matching information. The use of e-commerce has exploded in the last decade along with the associated security and privacy risks. Frequent security breaches in the e-commerce service providers’ centralized servers compromise consumers’ sensitive private and financial information. Besides, a consumer’s purchase history stored in those servers can be used to reconstruct the consumer’s profile and for a variety of other privacy intrusive purposes like directed marketing. To this end, we propose a secure and private distributed auction framework called SPA, based on decentralized online social networks (DOSNs) for the first time in the literature. The participants in SPA require no trust among each other, trade anonymously, and the security and privacy of the auction is guaranteed. The efficiency, in terms of communication and computation, of proposed private auction protocol is at least an order of magnitude better than existing distributed private auction protocols and is suitable for marketplace with large number of participants

    The Montage Image Mosaic Service: Custom Image Mosaics On-Demand

    Get PDF
    The Montage software suite has proven extremely useful as a general engine for reprojecting, background matching, and mosaicking astronomical image data from a wide variety of sources. The processing algorithms support all common World Coordinate System (WCS) projections and have been shown to be both astrometrically accurate and flux conserving. The background ‘matching’ algorithm does not remove background flux but rather finds the best compromise background based on all the input and matches the individual images to that. The Infrared Science Archive (IRSA), part of the Infrared Processing and Analysis Center (IPAC) at Caltech, has now wrapped the Montage software as a CGI service and provided a compute and request management infrastructure capable of producing approximately 2 TBytes / day of image mosaic output (e.g. from 2MASS and SDSS data). Besides the basic Montage engine, this service makes use of a 16-node LINUX cluster (dual processor, dual core) and the ROME request management software developed by the National Virtual Observatory (NVO). ROME uses EJB/database technology to manage user requests, queue processing and load balance between users, and managing job monitoring and user notification. The Montage service will be extended to process userdefined data collections, including private data uploads

    A Fingerprint Matching Model using Unsupervised Learning Approach

    Get PDF
    The increase in the number of interconnected information systems and networks to the Internet has led to an increase in different security threats and violations such as unauthorised remote access. The existing network technologies and communication protocols are not well designed to deal with such problems. The recent explosive development in the Internet allowed unwelcomed visitors to gain access to private information and various resources such as financial institutions, hospitals, airports ... etc. Those resources comprise critical-mission systems and information which rely on certain techniques to achieve effective security. With the increasing use of IT technologies for managing information, there is a need for stronger authentication mechanisms such as biometrics which is expected to take over many of traditional authentication and identification solutions. Providing appropriate authentication and identification mechanisms such as biometrics not only ensures that the right users have access to resources and giving them the right privileges, but enables cybercrime forensics specialists to gather useful evidence whenever needed. Also, critical-mission resources and applications require mechanisms to detect when legitimate users try to misuse their privileges; certainly biometrics helps to provide such services. This paper investigates the field of biometrics as one of the recent developed mechanisms for user authentication and evidence gathering despite its limitations. A biometric-based solution model is proposed using various statistical-based unsupervised learning approaches for fingerprint matching. The proposed matching algorithm is based on three various similarity measures, Cosine similarity measure, Manhattan distance measure and Chebyshev distance measure. In this paper, we introduce a model which uses those similarity measures to compute a fingerprint’s matching factor. The calculated matching factor is based on a certain threshold value which could be used by a forensic specialist for deciding whether a suspicious user is actually the person who claims to be or not. A freely available fingerprint biometric SDK has been used to develop and implement the suggested algorithm. The major findings of the experiments showed promising and interesting results in terms of the performance of all the proposed similarity measures.Final Accepted Versio

    Private Computation: k-Connected versus 1-Connected Networks

    Get PDF
    We study the role of connectivity of communication networks in private computations under information theoretical settings in the honest-but-curious model. We show that some functions can be 1-privately computed even if the underlying network is 1-connected but not 2-connected. Then we give a complete characterisation of non-degenerate functions that can be 1-privately computed on non-2-connected networks. Furthermore, we present a technique for simulating 1-private protocols that work on arbitrary (complete) networks on k-connected networks. For this simulation, at most (1−k/(n−1))⋅L(1 - k/(n - 1)) \cdot L additional random bits are needed, where L is the number of bits exchanged in the original protocol and n is the number of players. Finally, we give matching lower and upper bounds for the number of random bits needed to compute the parity function on k-connected networks 1-privately, namely ⌈(n−2)/(k−1)⌉−1\lceil (n - 2)/(k - 1) \rceil - 1 random bits for networks consisting of n player
    • …
    corecore