10,044 research outputs found

    Security of Linear Secret-Sharing Schemes against Mass Surveillance

    Get PDF
    Following the line of work presented recently by Bellare, Paterson and Rogaway, we formalize and investigate the resistance of linear secret-sharing schemes to mass surveillance. This primitive is widely used to design IT systems in the modern computer world, and often it is implemented by a proprietary code that the provider (“big brother”) could manipulate to covertly violate the privacy of the users (by implementing Algorithm-Substitution Attacks or ASAs). First, we formalize the security notion that expresses the goal of big brother and prove that for any linear secret-sharing scheme there exists an undetectable subversion of it that efficiently allows surveillance. Second, we formalize the security notion that assures that a sharing scheme is secure against ASAs and construct the first sharing scheme that meets this notion. This work could serve as an important building block towards constructing systems secure against mass surveillance

    Privacy-Preserving Observation in Public Spaces

    Get PDF
    One method of privacy-preserving accounting or billing in cyber-physical systems, such as electronic toll collection or public transportation ticketing, is to have the user present an encrypted record of transactions and perform the accounting or billing computation securely on them. Honesty of the user is ensured by spot checking the record for some selected surveyed transactions. But how much privacy does that give the user, i.e. how many transactions need to be surveyed? It turns out that due to collusion in mass surveillance all transactions need to be observed, i.e. this method of spot checking provides no privacy at all. In this paper we present a cryptographic solution to the spot checking problem in cyber-physical systems. Users carry an authentication device that authenticates only based on fair random coins. The probability can be set high enough to allow for spot checking, but in all other cases privacy is perfectly preserved. We analyze our protocol for computational efficiency and show that it can be efficiently implemented even on plat- forms with limited computing resources, such as smart cards and smart phones

    A Privacy Preserving Framework for RFID Based Healthcare Systems

    Get PDF
    RFID (Radio Frequency IDentification) is anticipated to be a core technology that will be used in many practical applications of our life in near future. It has received considerable attention within the healthcare for almost a decade now. The technology’s promise to efficiently track hospital supplies, medical equipment, medications and patients is an attractive proposition to the healthcare industry. However, the prospect of wide spread use of RFID tags in the healthcare area has also triggered discussions regarding privacy, particularly because RFID data in transit may easily be intercepted and can be send to track its user (owner). In a nutshell, this technology has not really seen its true potential in healthcare industry since privacy concerns raised by the tag bearers are not properly addressed by existing identification techniques. There are two major types of privacy preservation techniques that are required in an RFID based healthcare system—(1) a privacy preserving authentication protocol is required while sensing RFID tags for different identification and monitoring purposes, and (2) a privacy preserving access control mechanism is required to restrict unauthorized access of private information while providing healthcare services using the tag ID. In this paper, we propose a framework (PriSens-HSAC) that makes an effort to address the above mentioned two privacy issues. To the best of our knowledge, it is the first framework to provide increased privacy in RFID based healthcare systems, using RFID authentication along with access control technique

    Crumpled and Abraded Encryption: Implementation and Provably Secure Construction

    Get PDF
    Abraded and crumpled encryption allows communication software such as messaging platforms to ensure privacy for their users while still allowing for some investigation by law enforcement. Crumpled encryption ensures that each decryption is costly and prevents law enforcement from performing mass decryption of messages. Abrasion ensures that only large organizations like law enforcement are able to access any messages. The current abrasion construction uses public key parameters such as prime numbers which makes the abrasion scheme difficult to analyze and allows possible backdoors. In this thesis, we introduce a new abrasion construction which uses hash functions to avoid the problems with the current abrasion construction. In addition, we present a proof-of-concept for using crumpled encryption on an email server

    Efficient Anonymous Biometric Matching in Privacy-Aware Environments

    Get PDF
    Video surveillance is an important tool used in security and environmental monitoring, however, the widespread deployment of surveillance cameras has raised serious privacy concerns. Many privacy-enhancing schemes have been recently proposed to automatically redact images of selected individuals in the surveillance video for protection. To identify these individuals for protection, the most reliable approach is to use biometric signals as they are immutable and highly discriminative. If misused, these characteristics of biometrics can seriously defeat the goal of privacy protection. In this dissertation, an Anonymous Biometric Access Control (ABAC) procedure is proposed based on biometric signals for privacy-aware video surveillance. The ABAC procedure uses Secure Multi-party Computational (SMC) based protocols to verify membership of an incoming individual without knowing his/her true identity. To make SMC-based protocols scalable to large biometric databases, I introduce the k-Anonymous Quantization (kAQ) framework to provide an effective and secure tradeoff of privacy and complexity. kAQ limits systems knowledge of the incoming individual to k maximally dissimilar candidates in the database, where k is a design parameter that controls the amount of complexity-privacy tradeoff. The relationship between biometric similarity and privacy is experimentally validated using a twin iris database. The effectiveness of the entire system is demonstrated based on a public iris biometric database. To provide the protected subjects with full access to their privacy information in video surveillance system, I develop a novel privacy information management system that allows subjects to access their information via the same biometric signals used for ABAC. The system is composed of two encrypted-domain protocols: the privacy information encryption protocol encrypts the original video records using the iris pattern acquired during ABAC procedure; the privacy information retrieval protocol allows the video records to be anonymously retrieved through a GC-based iris pattern matching process. Experimental results on a public iris biometric database demonstrate the validity of my framework

    Cryptographic reverse firewalls for interactive proof systems

    Get PDF
    We study interactive proof systems (IPSes) in a strong adversarial setting where the machines of *honest parties* might be corrupted and under control of the adversary. Our aim is to answer the following, seemingly paradoxical, questions: - Can Peggy convince Vic of the veracity of an NP statement, without leaking any information about the witness even in case Vic is malicious and Peggy does not trust her computer? - Can we avoid that Peggy fools Vic into accepting false statements, even if Peggy is malicious and Vic does not trust her computer? At EUROCRYPT 2015, Mironov and Stephens-Davidowitz introduced cryptographic reverse firewalls (RFs) as an attractive approach to tackling such questions. Intuitively, a RF for Peggy/Vic is an external party that sits between Peggy/Vic and the outside world and whose scope is to sanitize Peggy's/Vic's incoming and outgoing messages in the face of subversion of her/his computer, e.g. in order to destroy subliminal channels. In this paper, we put forward several natural security properties for RFs in the concrete setting of IPSes. As our main contribution, we construct efficient RFs for different IPSes derived from a large class of Sigma protocols that we call malleable. A nice feature of our design is that it is completely transparent, in the sense that our RFs can be directly applied to already deployed IPSes, without the need to re-implement them

    Secure Computation over Lattices and Elliptic Curves

    Get PDF
    Traditional threshold cryptosystems have decentralized core cryptographic primitives like key generation, decryption and signatures. Most threshold cryptosystems, however, rely on special purpose protocols that cannot easily be integrated into more complex multiparty protocols. In this work, we design and implement decentralized versions of lattice-based and elliptic-curve-based public-key cryptoystems using generic secure multiparty computation (MPC) protocols. These are standard cryptosystems, so we introduce no additional work for encrypting devices and no new assumptions beyond those of the generic MPC framework. Both cryptosystems are also additively homomorphic, which allows for secure additions directly on ciphertexts. By using generic MPC techniques, our multiparty decryption protocols compute secret-shares of the plaintext, whereas most special-purpose cryptosystems either do not support decryption or must reveal the decryptions in the clear. Our method allows complex functions to be securely evaluated after decryption, revealing only the results of the functions and not the plaintexts themselves. To improve performance, we present a novel oblivious elliptic curve multiplication protocol and a new noise-masking technique which may be of independent interest. We implemented our protocols using the SCALE-MAMBA secure multiparty computation platform, which provides security against malicious adversaries and supports arbitrary numbers of participants

    Scalable and Robust Distributed Algorithms for Privacy-Preserving Applications

    Get PDF
    We live in an era when political and commercial entities are increasingly engaging in sophisticated cyber attacks to damage, disrupt, or censor information content and to conduct mass surveillance. By compiling various patterns from user data over time, untrusted parties could create an intimate picture of sensitive personal information such as political and religious beliefs, health status, and so forth. In this dissertation, we study scalable and robust distributed algorithms that guarantee user privacy when communicating with other parties to either solely exchange information or participate in multi-party computations. We consider scalability and robustness requirements in three privacy-preserving areas: secure multi-party computation (MPC), anonymous broadcast, and blocking-resistant Tor bridge distribution. We propose decentralized algorithms for MPC that, unlike most previous work, scale well with the number of parties and tolerate malicious faults from a large fraction of the parties. Our algorithms do not require any trusted party and are fully load-balanced. Anonymity is an essential tool for achieving privacy; it enables individuals to communicate with each other without being identified as the sender or the receiver of the information being exchanged. We show that our MPC algorithms can be effectively used to design a scalable anonymous broadcast protocol. We do this by developing a multi-party shuffling protocol that can efficiently anonymize a sequence of messages in the presence of many faulty nodes. Our final approach for preserving user privacy in cyberspace is to improve Tor; the most popular anonymity network in the Internet. A current challenge with Tor is that colluding corrupt users inside a censorship territory can completely block user\u27s access to Tor by obtaining information about a large fraction of Tor bridges; a type of relay nodes used as the Tor\u27s primary mechanism for blocking-resistance. We describe a randomized bridge distribution algorithm, where all honest users are guaranteed to connect to Tor in the presence of an adversary corrupting an unknown number of users. Our simulations suggest that, with minimal resource costs, our algorithm can guarantee Tor access for all honest users after a small (logarithmic) number of rounds
    • …
    corecore