On Non-Parallelizable Deterministic Client Puzzle Scheme with Batch Verification Modes

A (computational) client puzzle scheme enables a client to prove to a server that a certain amount of computing resources (CPU cycles and/or Memory look-ups) has been dedicated to solve a puzzle. Researchers have identified a number of potential applications, such as constructing timed cryptography, fighting junk emails, and protecting critical infrastructure from DoS attacks. In this paper, we first revisit this concept and formally define two properties, namely deterministic computation and parallel computation resistance. Our analysis show that both properties are crucial for the effectiveness of client puzzle schemes in most application scenarios. We prove that the RSW client puzzle scheme, which is based on the repeated squaring technique, achieves both properties. Secondly, we introduce two batch verification modes for the RSW client puzzle scheme in order to improve the verification efficiency of the server, and investigate three methods for handling errors in batch verifications. Lastly, we show that client puzzle schemes can be integrated with reputation systems to further improve the effectiveness in practice

Literature Overview - Privacy in Online Social Networks

In recent years, Online Social Networks (OSNs) have become an important\ud part of daily life for many. Users build explicit networks to represent their\ud social relationships, either existing or new. Users also often upload and share a plethora of information related to their personal lives. The potential privacy risks of such behavior are often underestimated or ignored. For example, users often disclose personal information to a larger audience than intended. Users may even post information about others without their consent. A lack of experience and awareness in users, as well as proper tools and design of the OSNs, perpetuate the situation. This paper aims to provide insight into such privacy issues and looks at OSNs, their associated privacy risks, and existing research into solutions. The final goal is to help identify the research directions for the Kindred Spirits project

Cryptographically-Enhanced Privacy for Recommender Systems

Automated recommender systems are used to help people find interesting content or persons in the vast amount of information available via the internet. There are different types of recommender systems, for example collaborative filtering systems and content-based recommender systems. However, all recommender systems share a common trait: in order to generate personalized recommendations, they require information on the attributes, demands, or preferences of the user. Typically, the more detailed the information related to the user is, the more accurate the recommendations for the user are. Service providers running the recommender systems collect large amounts of personal information to ensure accurate recommendations. This data must be protected to increase the privacy of all participating users. Privacy is typically enhanced through one (or more) of three methods: (1) decentralization, (2) introduction of uncertainty, and (3) secure computation. Decentralization aims to remove the central service provider and gives more control to the individual users. However, decentralized systems cannot guarantee the availability of data as users go online and offline as they please. Furthermore, no single entity is responsible for data that does not belong to a specific user (such as item data). Uncertainty is typically introduced by adding random noise to the data, which provides a mask over the user information. However, this noise negatively impacts the accuracy of the recommender system. When the users introduce their own noise, then the system consists mainly of noise. To preserve accuracy, only the service provider introduces noise, therefore no privacy is achieved against the service provider. Secure computation protects the data that is used during the computation of recommendations by providing confidentiality, both at rest and during computation. However, it suffers from a large computational overhead, due to the use of cryptography and secure multi-party protocols. In this thesis we focus on the use of secure computation to enhance the privacy of recommender systems, where we strive to make the computations as efficient as possible. To provide this, we build specialized secure computation protocols based on homomorphic encryption schemes and secure multi-party computation. Each protocol is tailored to the specific problem that is addressed, with a minimum of expensive operations and interactions. These protocols address the following challenges: (1) fostering cooperation between competing service providers, (2) coping with the unavailability of users, and (3) dealing with malicious intent by the users. Cooperating service providers are able to leverage each others databases to provide better recommendations. However, privacy of users and secrecy of a service provider’s database normally prevents competing service providers from collaborating based on sharing their plain-text databases. We provide a secure protocol that allows competing service providers to collaborate and share their respective databases of information, without leaking the database to the competitor. Most existing secure computation protocols for recommender systems require interaction between the service provider and its users, which makes unavailability of users a serious issue. Secure computation protocols that do not rely on the availability of users are therefore preferred. We contribute a secure protocol that allows users to be unavailable during the computation of a recommendation for a specific user (this specific user is still required to be online). The typical approach to deal with unavailable users is to introduce a second (independent) server, which needs to be (partly) trusted by the users. Our protocol does not rely on an additional server, but instead relies on existing trust relationships (e. g. friendship) between users who wish to share their preferences. In general, secure computation protocols for recommender systems assume honest behaviour of participating users. However, this assumption is not valid in most cases, as users attempt to exploit the recommender system for their own gain. More robust protocols for recommender systems are preferred. We present a secure framework for recommender systems that can cope with malicious user behaviour. The framework consists of two protocols for users to update ratings and retrieve recommendations. The framework can be instantiated with different types of recommender systems

Efficient Client Puzzle Schemes to Mitigate DoS Attacks

A (computational) client puzzle scheme enables a client to prove to a server that a certain amount of computing resources (CPU cycles and/or Memory look-ups) has been dedicated to solve a puzzle. In a number of different scenarios, researchers have applied client puzzle schemes to mitigate DoS attacks. In this paper, we introduce two batch verification modes for the RSW client puzzle scheme in order to improve the verification efficiency for the server, and investigate three methods for handling incorrect solutions in batch verifications

Towards a security model for computational puzzle schemes

In the literature, computational puzzle schemes have been considered as a useful tool for a number of applications, such as constructing timed cryptography, fighting junk emails, and protecting critical infrastructure from denial-of-service attacks. However, there is a lack of a general security model for studying these schemes. In this paper, we propose such a security model and formally define two properties, namely the determinable difficulty property and the parallel computation resistance property. Furthermore, we prove that a variant of the RSW scheme, proposed by Rivest, Shamir, and Wagner, achieves both properties

POSTER: Privacy-Preserving Profile Similarity Computation in Online Social Networks

Currently, none of the existing online social networks (OSNs) enables its users to make new friends without revealing their private information. This leaves the users in a vulnerable position when searching for new friends. We propose a solution which enables a user to compute her profile similarity with another user in a privacy-preserving way. Our solution is designed for a realistic OSN environment, where a pair of users is unlikely to be online at the same time

Efficient privacy-enhanced familiarity-based recommender system

Recommender systems can help users to find interesting content, often based on similarity with other users. However, studies have shown that in some cases familiarity gives comparable results to similarity. Using familiarity has the added bonus of increasing privacy between users and utilizing a smaller dataset. In this paper, we propose an efficient privacy-enhanced recommender system that is based on familiarity. It is built on top of any given social network (without changing its behaviour) that already has information about the social relations between users. Using secure multi-party computation techniques and somewhat homomorphic encryption the privacy of the users can be ensured, assuming honest-but-curious participants. Two different solutions are given, one where all users are online, and another where most users are offline. Initial results on a prototype and a dataset of 50 familiar users and 1000 items show a recommendation time of four minutes for the solution with online users and of five minutes for the solution with offline users