Personal Privacy: Limited Disclosure using Cryptographic Techniques

Mark Shaneck

Karthikeyan Mahadevan

SCLab


What is Privacy

  • Privacy is the expectation that confidential personal information disclosed in a private place will not be disclosed to third parties, when that disclosure would cause either embarrassment or emotional distress to a person of reasonable sensitivities.

  • Information is interpreted broadly to include facts, images (e.g., photographs, videotapes), and disparaging opinions.


Privacy Invasion – Grocery Store

  • Using a credit card to pay for the groceries

  • The credit card information should be used only for the payment

  • What you buy should never be revealed to anyone.

  • This is a bird's-eye view of the problem. Although not serious, please visit http://www.rbs2.com/privacy.htm for more interesting problems


A quotation

  • “The Home Office caused controversy last year when it attempted to allow a long list of public authorities to access records of individuals' telephone and Internet usage. This "communications data" -- phone numbers and e-mail addresses contacted, web sites visited, locations of mobile phones, etc. -- would have been available without any judicial oversight, under the Regulation of Investigatory Powers Act 2000” - London


What is Limited Disclosure

  • California passed a law, SB 27, requiring disclosure to consumers of the kinds of information companies collect and share about them. [Takes effect from 2005]

  • As the title suggests, we want to limit disclosure of personal information

  • In other words, I and only I should provide access to my personal information.


Misuse of Personal Information

  • On average, 49% of victims did not know how their information was obtained.

  • Identity Theft

    • 27.3 million Americans have been victims of identity theft in the last five years

  • 67% of identity theft victims - more than 6.5 million victims in the last year - report that existing credit card accounts were misused.

  • www.idtheftcenter.com


Real Life Examples *

  • Almost 10 months after the World Trade Center attack, a widow found out that an identity clone had been living and working using her husband's information.

  • He had died during the attack.

  • A mother keeps receiving collection notices on her daughter's credit card accounts.

  • Her daughter died 17 years ago.

* http://www.idtheftcenter.org/vg117.shtml


Other Scenarios

  • ISP Customer Information

  • Airlines – Passenger Information

  • Medical Databases

  • Of course, "Big Brother" is omnipotent

  • Personal privacy on the Internet is a myth (http://www.epic.org/reports/surfer-beware.html)


Privacy Policy

  • Yes, there is plenty of literature, documentation and other resources on privacy policy

  • But how many of us read the privacy agreements? (Has anyone really read a EULA?)

  • Policies are really like traffic rules, but we still need a cop to enforce them.


Privacy…

  • KYD’s example: AIDS website

  • P3P (Platform for Privacy Preferences)

  • Privacy Tools

    • http://www.epic.org/privacy/tools.html

  • Other resourceful websites

    • Electronic Frontier Foundation www.eff.org

    • Center for Democracy and Technology www.cdt.org


Security in Databases

  • Designing databases with privacy as a central concern – Hippocratic Databases

  • Secure Databases – Executing SQL Queries over Encrypted Databases

  • Encrypted Keyword Search

  • There has been a lot of good work done in this area.


Why this talk?

  • For our project we initially decided to solve one part of Hippocratic Databases: limited disclosure

  • There is a solution based on P3P for limited disclosure

  • Using cryptographic techniques to provide limited disclosure is the theme of our project


Definitions

  • $K_p = \prod_{i=p}^{P} k_i$ (where $P$ is some system parameter: the length of the storage agreement)

  • Let $h$ be a hash function $h : \{0,1\}^* \to \{0,1\}^m\{1\}^1$, i.e. an $m$-bit digest followed by a fixed 1 bit, so every output is odd

  • $k_0 = k$

  • $k_i = h(k_{i-1})$


Limited Disclosure - Setup

  • A chooses $n = pq$ ($p, q$ large primes) where $p = 2x+1$, $q = 2y+1$ ($x, y$ large primes)

  • A chooses $e, d$ such that $ed \equiv 1 \pmod{\phi(n)}$

  • A chooses $K_p$ odd.

  • A stores $m^{eK_p} \bmod n$, together with $K_p$ and $n$, with DB

[Diagram: A → DB]


Limited Disclosure Scheme

Message flow between A (the data owner), B (the reader) and DB, as drawn on the slide:

  • A → B: $rd \bmod \phi(n)$ and $(rK_p)^{-1} \bmod \phi(n)$

  • B → DB: $rd \bmod \phi(n)$

  • DB computes $(m^{eK_p})^{rd} \bmod n$ and returns $m^{rK_p} \bmod n$ to B

  • B computes $(m^{rK_p})^{(rK_p)^{-1}} \bmod n = m$, since $ed \equiv 1$ and $rK_p \cdot (rK_p)^{-1} \equiv 1 \pmod{\phi(n)}$


What everybody knows

  • A knows everything, of course: $n, p, q, \phi(n), e, d, k, h$

  • B knows $n$, $rd \bmod \phi(n)$, $(rK_p)^{-1} \bmod \phi(n)$

  • DB knows $c$ (the stored $m^{eK_p} \bmod n$), $k$, $n$, $rd \bmod \phi(n)$


Limited Disclosure - Key Update

  • Every night, DB computes $(m^{eK_p})^{k_p^{-1}}$, so the stored value becomes $m^{eK_{p+1}} \bmod n$ (because $K_p = k_p \cdot K_{p+1}$)

  • A can now give authorization for some time in the future by computing the proper $K_p$ and $K_p^{-1}$

    • A knows that the data will change, and does not want to give authorization until after the change, but wants to give the authorization token now
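The following Python program is added here as an illustration; it is not code from the slides or from the authors. It walks the Definitions, Setup, Scheme and Key Update slides end to end: it builds the key chain $k_i$, lets A choose $n$, $e$, $d$ and store $m^{eK_0} \bmod n$ with DB, issues B the token $(rd \bmod \phi(n),\ (rK_p)^{-1} \bmod \phi(n))$, has DB answer without any authorization check, and runs one nightly update. It also exercises the forward-dated token from the Key Update slide: a token computed for period 1 recovers nothing useful before the update and recovers $m$ after it, while the period-0 token stops working. Everything not on the slides is an assumption: toy 33-bit safe primes found by a Miller-Rabin search, SHA-256 truncated to $m = 62$ bits as $h$ (with the trailing 1 bit appended as the definition requires), $e = 65537$, the constructed record `b"grp:A+"`, and that A hands DB the exponent $k_p^{-1} \bmod \phi(n)$ for the nightly update, which the slides leave unspecified.

```python
"""Toy run of the scheme on the Definitions, Setup, Scheme and Key Update slides.
Added example, not the authors' code. Assumptions: toy 33-bit safe primes, SHA-256
as h, and A handing DB the update exponent k_p^{-1} mod phi(n) (unspecified on the slides)."""
import hashlib
import math
import random

M_BITS = 62  # assumption: m, the hash width before the trailing 1 bit
BASES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41)

def is_prime(n):
    """Miller-Rabin; these fixed bases are deterministic for n < 3.3e24."""
    if n < 2:
        return False
    for a in BASES:
        if n % a == 0:
            return n == a
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for a in BASES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True

def safe_prime(bits, rng):
    """p = 2x + 1 with x and p both prime (the slide's p = 2x+1, q = 2y+1)."""
    while True:
        x = rng.getrandbits(bits) | (1 << (bits - 1)) | 1
        if is_prime(x) and is_prime(2 * x + 1):
            return 2 * x + 1

def h(value):
    """h: {0,1}* -> {0,1}^m {1}: m hash bits then a forced 1 bit, so every k_i is odd."""
    digest = hashlib.sha256(value.to_bytes(32, "big")).digest()
    return ((int.from_bytes(digest, "big") >> (256 - M_BITS)) << 1) | 1

def key_chain(k, P):
    """k_0 = k, k_i = h(k_{i-1}) for i = 1..P."""
    chain = [k]
    for _ in range(P):
        chain.append(h(chain[-1]))
    return chain

def K(chain, p):
    """K_p = prod_{i=p}^{P} k_i, with P = len(chain) - 1."""
    return math.prod(chain[p:])

def owner_setup(m, P, seed=7):
    """A picks n = pq, e, d and the key chain; DB gets c = m^{e K_0} mod n, k and n."""
    rng = random.Random(seed)  # fixed seed so the toy run is reproducible
    p, q = safe_prime(32, rng), safe_prime(32, rng)
    n, phi = p * q, (p - 1) * (q - 1)
    e, d = 65537, pow(65537, -1, phi)  # ed = 1 mod phi(n)
    chain = key_chain(rng.getrandbits(M_BITS) | 1, P)
    if m >= n or any(math.gcd(K(chain, i), phi) != 1 for i in range(P + 1)):
        raise ValueError("record too large or K_p not invertible mod phi(n)")
    owner = {"n": n, "phi": phi, "e": e, "d": d, "chain": chain}
    db = {"c": pow(m, e * K(chain, 0), n), "k": chain[0], "n": n}
    return owner, db

def owner_authorize(owner, period, rng):
    """A's token for B: (r d mod phi(n), (r K_p)^{-1} mod phi(n)); random r blinds d."""
    phi = owner["phi"]
    r = rng.randrange(1, phi) | 1
    while math.gcd(r, phi) != 1:
        r = rng.randrange(1, phi) | 1
    return (r * owner["d"] % phi, pow(r * K(owner["chain"], period), -1, phi))

def db_respond(db, rd):
    """DB checks nothing: it returns c^{rd} = m^{r K_p} mod n to any requester."""
    return pow(db["c"], rd, db["n"])

def reader_recover(token, response, n):
    """B computes (m^{r K_p})^{(r K_p)^{-1}} mod n, which is m when K_p is current."""
    return pow(response, token[1], n)

def db_key_update(db, kp_inv):
    """Nightly: c <- c^{k_p^{-1}} = m^{e K_{p+1}} mod n, since K_p = k_p * K_{p+1}."""
    db["c"] = pow(db["c"], kp_inv, db["n"])

def run_demo(P=10, seed=7):
    m = int.from_bytes(b"grp:A+", "big")  # constructed sample record (48 bits < n)
    owner, db = owner_setup(m, P, seed)
    rng, n = random.Random(seed + 1), owner["n"]
    fetch = lambda tok: reader_recover(tok, db_respond(db, tok[0]), n)
    tok_now, tok_future = owner_authorize(owner, 0, rng), owner_authorize(owner, 1, rng)
    today, early = fetch(tok_now), fetch(tok_future)  # period 0: only today's token yields m
    db_key_update(db, pow(owner["chain"][0], -1, owner["phi"]))  # assumption: A supplies k_0^{-1}
    tomorrow, stale = fetch(tok_future), fetch(tok_now)  # period 1: only the future token yields m
    return {"m": m, "today": today, "early": early, "tomorrow": tomorrow, "stale": stale,
            "db_holds_K1": db["c"] == pow(m, owner["e"] * K(owner["chain"], 1), n)}
```

Calling `run_demo()` returns a dictionary in which `today` and `tomorrow` equal `m` while `early` and `stale` do not. The gcd check in `owner_setup` is not cosmetic: the scheme needs every $K_p$ invertible modulo $\phi(n) = 4xy$, and the odd-output hash only rules out the factor 2, not $x$ or $y$. With 32-bit $x, y$ a hit is improbable but possible, so the code refuses such a chain instead of silently producing tokens that do not decrypt.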


Benefits

  • A is mostly offline (only needed when giving authorization, which can be done beforehand)

  • A keeps DB out of the loop when changing “access control lists”

  • Requires no authorization checking from DB. DB just responds to all queries with the encrypted data.

  • Prevents B from checking whether its cached copy of A's data is still valid (after expiration of the authorization)


Lines of Thought

  • We think that e is used only by the owner of the data; can we keep it secret?

  • Is this scheme secure?

  • Can we use a symmetric key system?


Future Work

  • Collaboration attack: can we avoid this?

  • Analyze the protocol for any security breaches

  • If possible provide a “Proof of security”

  • Tie this with P3P


Questions? Suggestions?

