210 likes | 324 Vues
Personal Privacy: Limited Disclosure using Cryptographic Techniques. Mark Shaneck Karthikeyan Mahadevan SCLab. What is Privacy.
 
                
                E N D
Personal Privacy: Limited Disclosure using Cryptographic Techniques Mark Shaneck Karthikeyan Mahadevan SCLab
What is Privacy • Privacy is the expectation that confidential personal information disclosed in a private place will not be disclosed to third parties, when that disclosure would cause either embarrassment or emotional distress to a person of reasonable sensitivities. • Information is interpreted broadly to include facts, images (e.g., photographs, videotapes), and disparaging opinions.
Privacy Invasion – Grocery Store • Using a credit card to pay for the groceries • The credit card information should be used only for the payment • What you buy should never be revealed to anyone. • This is a bird’s eye view of the problem. Although not serious please visit http://www.rbs2.com/privacy.htm for more interesting problems
A quotation • “The Home Office caused controversy last year when it attempted to allow a long list of public authorities to access records of individuals' telephone and Internet usage. This "communications data" -- phone numbers and e-mail addresses contacted, web sites visited, locations of mobile phones, etc. -- would have been available without any judicial oversight, under the Regulation of Investigatory Powers Act 2000” - London
What is Limited Disclosure • California passed a law, SB 27, requiring disclosure to consumers of the kinds of information companies collect and shared about them. [Takes effect from 2005] • As the title suggests we want to limit disclosure of personal information • In other words I and only I should provide access to my personal information.
Misuse of Personal Information • On average, 49% of victims did not know how their information was obtained. • Identity Theft • 27.3 million Americans have been victims of identity theft in the last five years • 67% of identity theft victims - more than 6.5 million victims in the last year - report that existing credit card accounts were misused. • www.idtheftcenter.com
Real Life Examples * • Almost 10 months after the World Trade Center attack, a widow found out that an identity clone had been living and working using her husband's information. • He had died during the attack. • A mother keeps receiving collection notices on her daughter's credit card accounts. • Her daughter died 17 years ago. * http://www.idtheftcenter.org/vg117.shtml
Other Scenarios • ISP Customer Information • Airlines – Passenger Information • Medical Databases • Of Course “Big – Brother” is omnipotent • Personal Privacy on the Internet – is a myth (http://www.epic.org/reports/surfer-beware.html)
Privacy Policy • Yes there is enough literature, documents and other resources on Privacy Policy • But how many of us read the privacy agreements? (Has anyone really read EULA?) • Policies are really like traffic rules, but we still need a cop to enforce it.
Privacy… • KYD’s example: AIDS website • P3P (Platform for Privacy Preference) • Privacy Tools • http://www.epic.org/privacy/tools.html • Other resourceful websites • Electronic Frontier Foundation www.eff.org • Center for Democracy and Technology www.cdt.org
Security in Databases • Designing databases with privacy as a central concern – Hippocratic Databases • Secure Databases – Executing SQL Queries over Encrypted Databases • Encrypted Keyword Search • There has a lot of good work done in this area.
Why this talk? • For our project we initially decided that we will solve one part of the Hippocratic Databases – Limited Disclosure • There is a solution based on P3P for limited disclosure • Cryptographic Techniques to provide limited disclosure is the theme of our project
Definitions • Kp = Pi=p to P ki (where P is some system parameter - length of storage agreement) • Let h be a hash function: h:{0,1}* => {0,1}m{1}1 • k0 = k • ki = h(ki-1)
Limited Disclosure - Setup • Chooses n = pq (p,q large primes) where p = 2x+1, q = 2y+1 (x, y large primes) • Chooses e, d, such that ed = 1 mod f(n) • Chooses Kp odd. • A stores meKP mod n and Kp, n with DB A DB
rd mod f(n), (rKp)-1 mod f(n) rd mod f(n) mrKp mod n Limited Disclosure Scheme Computes: (mrKp)(rKp)-1mod n A B DB Computes (meKp)rd mod n
What everybody knows Everything, of course N, p, q, f(n), e, d, k, h n, rd mod f(n), (rKp)-1 mod f(n) A B DB c, k, n, rd mod f(n)
Limited Disclosure - Key Update • Every night, DB computes: (meKp)kp-1 • A can now give authorization for some time in the future by computing the proper Kp and Kp-1 • A knows that the data will change, and does not want to give authorization until after the change, but wants to give the authorization token now)
Benefits • A is mostly offline (only needed when giving authorization, which can be done beforehand) • A keeps DB out of the loop when changing “access control lists” • Requires no authorization checking from DB. DB just responds to all queries with the encrypted data. • Disables B from checking if cached copy of A’s data is still valid (after expiration of authorization)
Lines of Thought • We think that e is used only by the owner of the data, can we keep this as a secret ? • Is this scheme secure ? • Can we use a symmetric key system ?
Future Work • Collaboration attack – Can we avoid this ? • Analyze the protocol for any security breaches • If possible provide a “Proof of security” • Tie this with P3P