personal privacy: limited disclosure using cryptographic techniques
DESCRIPTION
Personal Privacy: Limited Disclosure using Cryptographic Techniques. Mark Shaneck Karthikeyan Mahadevan SCLab. What is Privacy. - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: Personal Privacy: Limited Disclosure using Cryptographic Techniques](https://reader034.vdocuments.mx/reader034/viewer/2022050909/56815747550346895dc4e95f/html5/thumbnails/1.jpg)
Personal Privacy: Limited Disclosure using Cryptographic Techniques
Mark ShaneckKarthikeyan Mahadevan
SCLab
![Page 2: Personal Privacy: Limited Disclosure using Cryptographic Techniques](https://reader034.vdocuments.mx/reader034/viewer/2022050909/56815747550346895dc4e95f/html5/thumbnails/2.jpg)
What is Privacy Privacy is the expectation that
confidential personal information disclosed in a private place will not be disclosed to third parties, when that disclosure would cause either embarrassment or emotional distress to a person of reasonable sensitivities.
Information is interpreted broadly to include facts, images (e.g., photographs, videotapes), and disparaging opinions.
![Page 3: Personal Privacy: Limited Disclosure using Cryptographic Techniques](https://reader034.vdocuments.mx/reader034/viewer/2022050909/56815747550346895dc4e95f/html5/thumbnails/3.jpg)
Privacy Invasion – Grocery Store Using a credit card to pay for the
groceries The credit card information should be
used only for the payment What you buy should never be revealed
to anyone. This is a bird’s eye view of the problem.
Although not serious please visit http://www.rbs2.com/privacy.htm for more interesting problems
![Page 4: Personal Privacy: Limited Disclosure using Cryptographic Techniques](https://reader034.vdocuments.mx/reader034/viewer/2022050909/56815747550346895dc4e95f/html5/thumbnails/4.jpg)
A quotation “The Home Office caused controversy last
year when it attempted to allow a long list of public authorities to access records of individuals' telephone and Internet usage. This "communications data" -- phone numbers and e-mail addresses contacted, web sites visited, locations of mobile phones, etc. -- would have been available without any judicial oversight, under the Regulation of Investigatory Powers Act 2000” - London
![Page 5: Personal Privacy: Limited Disclosure using Cryptographic Techniques](https://reader034.vdocuments.mx/reader034/viewer/2022050909/56815747550346895dc4e95f/html5/thumbnails/5.jpg)
What is Limited Disclosure California passed a law, SB 27, requiring
disclosure to consumers of the kinds of information companies collect and shared about them. [Takes effect from 2005]
As the title suggests we want to limit disclosure of personal information
In other words I and only I should provide access to my personal information.
![Page 6: Personal Privacy: Limited Disclosure using Cryptographic Techniques](https://reader034.vdocuments.mx/reader034/viewer/2022050909/56815747550346895dc4e95f/html5/thumbnails/6.jpg)
Misuse of Personal Information On average, 49% of victims did not know
how their information was obtained. Identity Theft
27.3 million Americans have been victims of identity theft in the last five years
67% of identity theft victims - more than 6.5 million victims in the last year - report that existing credit card accounts were misused.
www.idtheftcenter.com
![Page 7: Personal Privacy: Limited Disclosure using Cryptographic Techniques](https://reader034.vdocuments.mx/reader034/viewer/2022050909/56815747550346895dc4e95f/html5/thumbnails/7.jpg)
Real Life Examples * Almost 10 months after the World Trade
Center attack, a widow found out that an identity clone had been living and working using her husband's information.
He had died during the attack. A mother keeps receiving collection
notices on her daughter's credit card accounts.
Her daughter died 17 years ago. * http://www.idtheftcenter.org/vg117.shtml
![Page 8: Personal Privacy: Limited Disclosure using Cryptographic Techniques](https://reader034.vdocuments.mx/reader034/viewer/2022050909/56815747550346895dc4e95f/html5/thumbnails/8.jpg)
Other Scenarios ISP Customer Information Airlines – Passenger Information Medical Databases Of Course “Big – Brother” is
omnipotent Personal Privacy on the Internet – is
a myth (http://www.epic.org/reports/surfer-beware.html)
![Page 9: Personal Privacy: Limited Disclosure using Cryptographic Techniques](https://reader034.vdocuments.mx/reader034/viewer/2022050909/56815747550346895dc4e95f/html5/thumbnails/9.jpg)
Privacy Policy
Yes there is enough literature, documents and other resources on Privacy Policy
But how many of us read the privacy agreements? (Has anyone really read EULA?)
Policies are really like traffic rules, but we still need a cop to enforce it.
![Page 10: Personal Privacy: Limited Disclosure using Cryptographic Techniques](https://reader034.vdocuments.mx/reader034/viewer/2022050909/56815747550346895dc4e95f/html5/thumbnails/10.jpg)
Privacy… KYD’s example: AIDS website P3P (Platform for Privacy Preference) Privacy Tools
http://www.epic.org/privacy/tools.html Other resourceful websites
Electronic Frontier Foundation www.eff.org
Center for Democracy and Technology www.cdt.org
![Page 11: Personal Privacy: Limited Disclosure using Cryptographic Techniques](https://reader034.vdocuments.mx/reader034/viewer/2022050909/56815747550346895dc4e95f/html5/thumbnails/11.jpg)
Security in Databases
Designing databases with privacy as a central concern – Hippocratic Databases
Secure Databases – Executing SQL Queries over Encrypted Databases
Encrypted Keyword Search There has a lot of good work done
in this area.
![Page 12: Personal Privacy: Limited Disclosure using Cryptographic Techniques](https://reader034.vdocuments.mx/reader034/viewer/2022050909/56815747550346895dc4e95f/html5/thumbnails/12.jpg)
Why this talk? For our project we initially decided
that we will solve one part of the Hippocratic Databases – Limited Disclosure
There is a solution based on P3P for limited disclosure
Cryptographic Techniques to provide limited disclosure is the theme of our project
![Page 13: Personal Privacy: Limited Disclosure using Cryptographic Techniques](https://reader034.vdocuments.mx/reader034/viewer/2022050909/56815747550346895dc4e95f/html5/thumbnails/13.jpg)
Definitions
Kp = i=p to P ki (where P is some system parameter - length of storage agreement)
Let h be a hash function: h:{0,1}* => {0,1}m{1}1
k0 = k ki = h(ki-1)
![Page 14: Personal Privacy: Limited Disclosure using Cryptographic Techniques](https://reader034.vdocuments.mx/reader034/viewer/2022050909/56815747550346895dc4e95f/html5/thumbnails/14.jpg)
Limited Disclosure - Setup
A
DB
•Chooses n = pq (p,q large primes) where p = 2x+1, q = 2y+1 (x, y large primes)•Chooses e, d, such that ed = 1 mod (n)•Chooses Kp odd.•A stores meKP mod n and Kp, n with DB
![Page 15: Personal Privacy: Limited Disclosure using Cryptographic Techniques](https://reader034.vdocuments.mx/reader034/viewer/2022050909/56815747550346895dc4e95f/html5/thumbnails/15.jpg)
Limited Disclosure Scheme
A B
DB
rd mod (n), (rKp)-1 mod (n)
rd mod (n)
mrKp mod n
Computes (meKp)rd mod n
Computes:(mrKp)(rKp)
-1
mod n
![Page 16: Personal Privacy: Limited Disclosure using Cryptographic Techniques](https://reader034.vdocuments.mx/reader034/viewer/2022050909/56815747550346895dc4e95f/html5/thumbnails/16.jpg)
What everybody knows
A B
DB
Everything, of courseN, p, q, (n), e, d, k, h
c, k, n, rd mod (n)
n, rd mod (n), (rKp)-1 mod (n)
![Page 17: Personal Privacy: Limited Disclosure using Cryptographic Techniques](https://reader034.vdocuments.mx/reader034/viewer/2022050909/56815747550346895dc4e95f/html5/thumbnails/17.jpg)
Limited Disclosure - Key Update Every night, DB computes:
(meKp)kp-1
A can now give authorization for some time in the future by computing the proper Kp and Kp
-1
A knows that the data will change, and does not want to give authorization until after the change, but wants to give the authorization token now)
![Page 18: Personal Privacy: Limited Disclosure using Cryptographic Techniques](https://reader034.vdocuments.mx/reader034/viewer/2022050909/56815747550346895dc4e95f/html5/thumbnails/18.jpg)
Benefits A is mostly offline (only needed when giving
authorization, which can be done beforehand)
A keeps DB out of the loop when changing “access control lists”
Requires no authorization checking from DB. DB just responds to all queries with the encrypted data.
Disables B from checking if cached copy of A’s data is still valid (after expiration of authorization)
![Page 19: Personal Privacy: Limited Disclosure using Cryptographic Techniques](https://reader034.vdocuments.mx/reader034/viewer/2022050909/56815747550346895dc4e95f/html5/thumbnails/19.jpg)
Lines of Thought
We think that e is used only by the owner of the data, can we keep this as a secret ?
Is this scheme secure ? Can we use a symmetric key
system ?
![Page 20: Personal Privacy: Limited Disclosure using Cryptographic Techniques](https://reader034.vdocuments.mx/reader034/viewer/2022050909/56815747550346895dc4e95f/html5/thumbnails/20.jpg)
Future Work
Collaboration attack – Can we avoid this ?
Analyze the protocol for any security breaches
If possible provide a “Proof of security”
Tie this with P3P
![Page 21: Personal Privacy: Limited Disclosure using Cryptographic Techniques](https://reader034.vdocuments.mx/reader034/viewer/2022050909/56815747550346895dc4e95f/html5/thumbnails/21.jpg)
Questions .. Suggestions ?