Article, DOI: 10.5555/2022245.2022270

Efficient techniques for privacy-preserving sharing of sensitive information

Published: 22 June 2011

Abstract

The need for privacy-preserving sharing of sensitive information occurs in many different and realistic everyday scenarios, ranging from national security to social networking. A typical setting involves two parties: one seeks information from the other without revealing the interest while the latter is either willing, or compelled, to share only the requested information. This poses two challenges: (1) how to enable sharing such that parties learn no information beyond what they are entitled to, and (2) how to do so efficiently, in real-world practical terms. This paper explores the notion of Privacy-Preserving Sharing of Sensitive Information (PPSSI), and provides a concrete and efficient instantiation, modeled in the context of simple database querying. The proposed approach functions as a privacy shield to protect parties from disclosing more than the required minimum of their respective sensitive information. PPSSI deployment prompts several challenges, which are addressed in this paper. Extensive experimental results attest to the practicality of attained privacy features and show that our approach incurs quite low overhead (e.g., 10% slower than standard MySQL).


Published In

TRUST'11: Proceedings of the 4th international conference on Trust and trustworthy computing
June 2011
312 pages
ISBN: 9783642215988

Publisher

Springer-Verlag, Berlin, Heidelberg

Cited By

  • (2017) Share a pie? Proceedings of the Seventh ACM on Conference on Data and Application Security and Privacy, pp. 95-106. DOI: 10.1145/3029806.3029817. Online publication date: 22-Mar-2017
  • (2013) Outsourced symmetric private information retrieval. Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security, pp. 875-888. DOI: 10.1145/2508859.2516730. Online publication date: 4-Nov-2013
  • (2012) Collusion-resistant outsourcing of private set intersection. Proceedings of the 27th Annual ACM Symposium on Applied Computing, pp. 1451-1456. DOI: 10.1145/2245276.2232008. Online publication date: 26-Mar-2012
  • (2011) Private search in the real world. Proceedings of the 27th Annual Computer Security Applications Conference, pp. 83-92. DOI: 10.1145/2076732.2076744. Online publication date: 5-Dec-2011
