9,153 research outputs found
Crowd-ML: A Privacy-Preserving Learning Framework for a Crowd of Smart Devices
Smart devices with built-in sensors, computational capabilities, and network
connectivity have become increasingly pervasive. The crowds of smart devices
offer opportunities to collectively sense and perform computing tasks in an
unprecedented scale. This paper presents Crowd-ML, a privacy-preserving machine
learning framework for a crowd of smart devices, which can solve a wide range
of learning problems for crowdsensing data with differential privacy
guarantees. Crowd-ML endows a crowdsensing system with an ability to learn
classifiers or predictors online from crowdsensing data privately with minimal
computational overheads on devices and servers, suitable for a practical and
large-scale employment of the framework. We analyze the performance and the
scalability of Crowd-ML, and implement the system with off-the-shelf
smartphones as a proof of concept. We demonstrate the advantages of Crowd-ML
with real and simulated experiments under various conditions
ClaimChain: Improving the Security and Privacy of In-band Key Distribution for Messaging
The social demand for email end-to-end encryption is barely supported by
mainstream service providers. Autocrypt is a new community-driven open
specification for e-mail encryption that attempts to respond to this demand. In
Autocrypt the encryption keys are attached directly to messages, and thus the
encryption can be implemented by email clients without any collaboration of the
providers. The decentralized nature of this in-band key distribution, however,
makes it prone to man-in-the-middle attacks and can leak the social graph of
users. To address this problem we introduce ClaimChain, a cryptographic
construction for privacy-preserving authentication of public keys. Users store
claims about their identities and keys, as well as their beliefs about others,
in ClaimChains. These chains form authenticated decentralized repositories that
enable users to prove the authenticity of both their keys and the keys of their
contacts. ClaimChains are encrypted, and therefore protect the stored
information, such as keys and contact identities, from prying eyes. At the same
time, ClaimChain implements mechanisms to provide strong non-equivocation
properties, discouraging malicious actors from distributing conflicting or
inauthentic claims. We implemented ClaimChain and we show that it offers
reasonable performance, low overhead, and authenticity guarantees.Comment: Appears in 2018 Workshop on Privacy in the Electronic Society
(WPES'18
Cryptographically Secure Information Flow Control on Key-Value Stores
We present Clio, an information flow control (IFC) system that transparently
incorporates cryptography to enforce confidentiality and integrity policies on
untrusted storage. Clio insulates developers from explicitly manipulating keys
and cryptographic primitives by leveraging the policy language of the IFC
system to automatically use the appropriate keys and correct cryptographic
operations. We prove that Clio is secure with a novel proof technique that is
based on a proof style from cryptography together with standard programming
languages results. We present a prototype Clio implementation and a case study
that demonstrates Clio's practicality.Comment: Full version of conference paper appearing in CCS 201
- …