Personal Privacy: Limited Disclosure using Cryptographic Techniques

Mark Shaneck

Karthikeyan Mahadevan


What is Privacy
  • Privacy is the expectation that confidential personal information disclosed in a private place will not be disclosed to third parties, when that disclosure would cause either embarrassment or emotional distress to a person of reasonable sensitivities.
  • Information is interpreted broadly to include facts, images (e.g., photographs, videotapes), and disparaging opinions.
Privacy Invasion – Grocery Store
  • Using a credit card to pay for the groceries
  • The credit card information should be used only for the payment
  • What you buy should never be revealed to anyone.
  • This is a bird's-eye view of the problem. Although not serious, please visit for more interesting problems
A quotation
  • “The Home Office caused controversy last year when it attempted to allow a long list of public authorities to access records of individuals' telephone and Internet usage. This "communications data" -- phone numbers and e-mail addresses contacted, web sites visited, locations of mobile phones, etc. -- would have been available without any judicial oversight, under the Regulation of Investigatory Powers Act 2000” - London
What is Limited Disclosure
  • California passed a law, SB 27, requiring disclosure to consumers of the kinds of information companies collect and share about them. [Takes effect from 2005]
  • As the title suggests, we want to limit the disclosure of personal information
  • In other words, I and only I should provide access to my personal information.
Misuse of Personal Information
  • On average, 49% of victims did not know how their information was obtained.
  • Identity Theft
    • 27.3 million Americans have been victims of identity theft in the last five years
  • 67% of identity theft victims - more than 6.5 million victims in the last year - report that existing credit card accounts were misused.
Real Life Examples *
  • Almost 10 months after the World Trade Center attack, a widow found out that an identity clone had been living and working using her husband's information.
  • He had died during the attack.
  • A mother keeps receiving collection notices on her daughter's credit card accounts.
  • Her daughter died 17 years ago.


Other Scenarios
  • ISP Customer Information
  • Airlines – Passenger Information
  • Medical Databases
  • Of course, "Big Brother" is omnipotent
  • Personal privacy on the Internet is a myth
Privacy Policy
  • Yes, there is enough literature, documents and other resources on privacy policy
  • But how many of us read the privacy agreements? (Has anyone really read an EULA?)
  • Policies are really like traffic rules, but we still need a cop to enforce them.
  • KYD’s example: AIDS website
  • P3P (Platform for Privacy Preferences)
  • Privacy Tools
  • Other resourceful websites
    • Electronic Frontier Foundation
    • Center for Democracy and Technology
Security in Databases
  • Designing databases with privacy as a central concern – Hippocratic Databases
  • Secure Databases – Executing SQL Queries over Encrypted Databases
  • Encrypted Keyword Search
  • There has been a lot of good work done in this area.
Why this talk?
  • For our project we initially decided that we would solve one part of the Hippocratic Databases problem: limited disclosure
  • There is a solution based on P3P for limited disclosure
  • Using cryptographic techniques to provide limited disclosure is the theme of our project
  • $K_p = \prod_{i=p}^{P} k_i$ (where $P$ is some system parameter, the length of the storage agreement)
  • Let $h$ be a hash function $h:\{0,1\}^* \to \{0,1\}^m\{1\}^1$ (an $m$-bit output followed by a 1 bit, so every $k_i$ is odd)
  • $k_0 = k$
  • $k_i = h(k_{i-1})$
Limited Disclosure - Setup
  • Chooses $n = pq$ ($p, q$ large primes) where $p = 2x+1$, $q = 2y+1$ ($x, y$ large primes)
  • Chooses $e, d$ such that $ed \equiv 1 \pmod{\phi(n)}$
  • Chooses $K_p$ odd.
  • A stores $m^{eK_p} \bmod n$ and $K_p$, $n$ with DB




Limited Disclosure Scheme
  • A → B: $rd \bmod \phi(n)$, $(rK_p)^{-1} \bmod \phi(n)$
  • B → DB: $rd \bmod \phi(n)$
  • DB computes $(m^{eK_p})^{rd} \bmod n$
  • DB → B: $m^{rK_p} \bmod n$
  • B computes $(m^{rK_p})^{(rK_p)^{-1}} \bmod n$
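Why B ends up with $m$: the exponents collapse to 1 modulo $\phi(n)$. This derivation is added here (it is not on the slides) and uses only the slides' symbols together with the setup condition $ed \equiv 1 \pmod{\phi(n)}$:

$$
\Bigl((m^{eK_p})^{rd}\Bigr)^{(rK_p)^{-1}}
= m^{\,(ed)\,\cdot\,(rK_p)\,(rK_p)^{-1}}
\equiv m^{1 \cdot 1} = m \pmod{n},
$$

because exponents may be reduced modulo $\phi(n)$ when $\gcd(m,n)=1$ (Euler's theorem). The step needs $(rK_p)^{-1}$ to exist, i.e. $\gcd(rK_p,\phi(n)) = 1$ with $\phi(n) = 4xy$; choosing $K_p$ odd only rules out the factor 2, so $r$ and the $k_i$ must also avoid the primes $x$ and $y$.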

What everybody knows
  • A: everything, of course: $n, p, q, \phi(n), e, d, k, h$
  • B: $n$, $rd \bmod \phi(n)$, $(rK_p)^{-1} \bmod \phi(n)$
  • DB: $c, k, n$, $rd \bmod \phi(n)$

Limited Disclosure - Key Update
  • Every night, DB computes $(m^{eK_p})^{k_p^{-1}}$
  • A can now give authorization for some time in the future by computing the proper $K_p$ and $K_p^{-1}$
    • A knows that the data will change, and does not want to give authorization until after the change, but wants to give the authorization token now
  • A is mostly offline (only needed when giving authorization, which can be done beforehand)
  • A keeps DB out of the loop when changing “access control lists”
  • Requires no authorization checking from DB. DB just responds to all queries with the encrypted data.
  • Prevents B from checking whether a cached copy of A's data is still valid (after expiration of the authorization)
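The setup, scheme and key-update slides above, run end to end as an added Python model; this is not code from the talk or its authors. Every number is a constructed toy: safe primes $p = 2\cdot509+1 = 1019$ and $q = 2\cdot593+1 = 1187$, $e = 65537$, seed $k = 12345$, storage length $P = 5$, $r = 7$, and SHA-256 truncated to $m = 31$ bits as the hash $h$; none of this is secure, it only makes the algebra visible. Two points the slides leave open are labelled as assumptions in the code: the nightly update exponent $k_p^{-1} \bmod \phi(n)$ is computed by A and handed to DB (the slides only say DB raises $c$ to it), and the seed is stepped until the whole chain is coprime to $\phi(n)$, since $K_p$ being odd only handles the factor 4 of $\phi(n) = 4xy$.

```python
"""Toy model of the limited-disclosure scheme (added example, not the talk's code).
All parameters are tiny, constructed values: they show the algebra, nothing is secure."""
import hashlib
from math import gcd

M_BITS = 31  # digest bits kept before the forced trailing 1 bit (the slides' m)


def h(x):
    """Chain step h:{0,1}* -> {0,1}^m {1}: m bits of SHA-256 (our choice of digest)
    followed by a 1 bit, so every k_i is odd and K_p is odd as the setup requires."""
    digest = int.from_bytes(hashlib.sha256(str(x).encode()).digest(), "big")
    return ((digest & ((1 << M_BITS) - 1)) << 1) | 1


def key_chain(k, P):
    """k_0 = k, k_i = h(k_{i-1}) for i = 1..P (P = length of the storage agreement)."""
    chain = [k]
    for _ in range(P):
        chain.append(h(chain[-1]))
    return chain


def K(chain, p):
    """K_p = product of k_i for i = p..P; note K_p = k_p * K_{p+1}."""
    out = 1
    for k_i in chain[p:]:
        out *= k_i
    return out


def is_prime(x):
    return x >= 2 and all(x % d for d in range(2, int(x ** 0.5) + 1))


def safe_prime_modulus(x, y):
    """n = pq with p = 2x+1, q = 2y+1 and x, y, p, q all prime; returns (n, phi(n))."""
    p, q = 2 * x + 1, 2 * y + 1
    assert all(is_prime(v) for v in (x, y, p, q)), "x, y must give safe primes"
    return p * q, (p - 1) * (q - 1)


class Owner:
    """A: knows everything (n, p, q, phi(n), e, d, the seed k and h)."""

    def __init__(self, x, y, e, k, P):
        self.n, self.phi = safe_prime_modulus(x, y)
        assert gcd(e, self.phi) == 1
        self.e, self.d = e, pow(e, -1, self.phi)
        k |= 1  # seed made odd
        self.chain = key_chain(k, P)
        # Every K_p must be invertible mod phi(n) = 4xy. Oddness only covers the
        # factor 4, so (our assumption) step the seed until the chain avoids x and y.
        while gcd(K(self.chain, 0), self.phi) != 1:
            k += 2
            self.chain = key_chain(k, P)

    def store(self, m, p):
        """What A deposits with DB for period p: c = m^{e K_p} mod n, K_p and n."""
        Kp = K(self.chain, p)
        return pow(m, self.e * Kp, self.n), Kp, self.n

    def authorize(self, p, r):
        """Token for B valid in period p: (r d mod phi(n), (r K_p)^{-1} mod phi(n)).
        A can issue it ahead of time for a future p and otherwise stay offline."""
        Kp = K(self.chain, p)
        assert gcd(r * Kp, self.phi) == 1, "r must be coprime to phi(n)"
        return (r * self.d) % self.phi, pow(r * Kp, -1, self.phi)

    def update_exponent(self, p):
        """k_p^{-1} mod phi(n). Assumption: A computes this and hands it to DB;
        the slides only state that DB raises c to it every night."""
        return pow(self.chain[p], -1, self.phi)


class Database:
    """DB: holds c, K_p and n and does no authorization checking at all."""

    def __init__(self, c, Kp, n):
        self.c, self.Kp, self.n = c, Kp, n

    def answer(self, rd):
        """Reply to any query: (m^{e K_p})^{r d} = m^{r K_p} mod n, as ed = 1 mod phi(n)."""
        return pow(self.c, rd, self.n)

    def nightly_update(self, k_p, kp_inv):
        """c <- c^{k_p^{-1}} = m^{e K_{p+1}} mod n: yesterday's tokens stop working
        without DB ever seeing an access-control list."""
        self.c = pow(self.c, kp_inv, self.n)
        self.Kp //= k_p


def reader_recover(n, token, reply):
    """B: (m^{r K_p})^{(r K_p)^{-1}} = m mod n, using only n and the token."""
    return pow(reply, token[1], n)


def run_demo(m=424242, x=509, y=593, e=65537, k=12345, P=5, r=7, p=2):
    """Period-p exchange, a nightly update to p+1 with a token A issued in advance,
    and an expired token replayed against the updated ciphertext."""
    A = Owner(x, y, e, k, P)
    db = Database(*A.store(m, p))
    token = A.authorize(p, r)
    today = reader_recover(db.n, token, db.answer(token[0]))
    token_next = A.authorize(p + 1, r)  # issued before the data "changes"
    db.nightly_update(A.chain[p], A.update_exponent(p))
    tomorrow = reader_recover(db.n, token_next, db.answer(token_next[0]))
    stale = reader_recover(db.n, token, db.answer(token[0]))  # old token, new c
    return today, tomorrow, stale


if __name__ == "__main__":
    print(run_demo())
```

`run_demo()` returns what B recovers today, what B recovers tomorrow with a token A issued in advance, and what the expired token yields against the updated ciphertext. The first two equal the stored message; the third is $m^{k_p^{-1}} \bmod n$ rather than $m$ (except with negligible probability), which is the slides' point: DB answers every query with the encrypted data and never checks authorization, so the nightly exponent change is the only thing that revokes B.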
Lines of Thought
  • We think that e is used only by the owner of the data; can we keep it secret?
  • Is this scheme secure?
  • Can we use a symmetric-key system?
Future Work
  • Collaboration attack – can we avoid this?
  • Analyze the protocol for any security breaches
  • If possible provide a “Proof of security”
  • Tie this with P3P