Skip to main content
SpringerLink
Log in

Negotiated Privacy

(Extended Abstract)

  • Conference paper
  • First Online:
Software Security — Theories and Systems (ISSS 2002)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 2609))

Included in the following conference series:

Abstract

Exponential growth in digital information gathering, storage, and processing capabilities inexorably leads to conflict between wellintentioned government or commercial datamining, and fundamental privacy interests of individuals and organizations. This paper proposes a mechanism that provides cryptographic fetters on the mining of personal data, enabling efficient mining of previously-negotiated properties, but preventing any other uses of the protected personal data. Our approach does not rely on complete trust in the analysts to use the data appropriately, nor does it rely on incorruptible escrow agents. Instead, we propose conditional data escrow where the data generators, not the analysts, hold the keys to the data, but analysts can verify that the prenegotiated queries are enabled. Our solution relies on verifiable, anonymous, and deterministic commitments which play the role of tags that mark encrypted entries in the analyst’s database. The database owner cannot learn anything from the encrypted entries, or even verify his guess of the plaintext on which these entries are based. On the other hand, the verifiable and deterministic property ensures that the entries are marked with consistent tags, so that the database manager learns when the number of entries required to enable some query reaches the pre-negotiated threshold.

Partially supported by ONR Grants N00014-02-1-0109 and N00014-01-1-0837, DARPA contract 9N66001-00-C-8015 and NSF grant INT98-15731.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. M. Abadi and J. Feigenbaum. A simple protocol for secure circuit evaluation. In Proc. STACS’ 88, pages 264–272, 1988.

    Google Scholar 

  2. M. Abadi and P. Rogaway. Reconciling two views of cryptography (the computational soundness of formal encryption).J. Cryptology, 15(2):103–127, 2002.

    MATH  MathSciNet  Google Scholar 

  3. M. Bellare, A. Boldyreva, A. Desai, and D. Pointcheval. Key-privacy in public-key encryption. In Proc. ASIACRYPT’ 01, pages 566–582, 2001.

    Google Scholar 

  4. D. Boneh and R. Ostrovsky. Search on encrypted data, 2002.

    Google Scholar 

  5. D. Boneh. The decisional Difie-Hellman problem. In Proc. 3rd Algorithmic Number Theory Symposium, volume 1423 of LNCS, pages 48–63. Springer-Verlag, 1998.

    Google Scholar 

  6. M. Bellare and P. Rogaway. Random oracles are practical: a paradigm for designing efficient protocols. In Proc. ACM Conference on Computer and Communications Security, pages 62–73, 1993.

    Google Scholar 

  7. S. Brands. Rethinking Public Key Infrastructure and Digital Certificates-Building in Privacy. MIT Press, Cambridge, MA, 2000.

    Google Scholar 

  8. D. Chaum, A. Fiat, and M. Naor. Untraceable electronic cash. In Proc. CRYPTO’ 88, volume 403 of LNCS, pages 319–327. Springer-Verlag, 1988.

    Google Scholar 

  9. B. Chor, O. Goldreich, E. Kushilevitz, and M. Sudan. Private information retrieval. J. ACM, 45(6):965–981, 1998.

    Article  MATH  MathSciNet  Google Scholar 

  10. D. Chaum. Blind signatures for untracable payments. In Proc. CRYPTO’ 82, pages 199–203, 1982.

    Google Scholar 

  11. J. Camenisch and A. Lysyanskaya. An efficient system for nontransferable anonymous credentials with optional anonymity revocation. In Proc. EUROCRYPT’ 01, volume 2045 of LNCS, pages 93–118. Springer-Verlag, 2001.

    Google Scholar 

  12. D. Chaum and T. Pedersen. Wallet databases with observers. In Proc. CRYPTO’ 92, volume 740 of LNCS, pages 89–105. Springer-Verlag, 1992.

    Google Scholar 

  13. Y. Desmedt and Y. Frankel. Threshold cryptosystems. In Proc. CRYPTO’ 89, volume 435 of LNCS, pages 307–315. Springer-Verlag, 1989.

    Google Scholar 

  14. A. Evfimievski, R. Srikant, R. Agrawal, and J. Gehrke. Privacy preserving mining of association rules. In Proc. 8th ACM SIGKDD Int’l Conference on Knowledge Discovery in Databases and Data Mining, 2002.

    Google Scholar 

  15. P. Feldman. A practical scheme for non-interactive verifiable secret sharing. In Proc. 28th IEEE Symposium on Foundations of Comp. Science, pages 427–438, 1987.

    Google Scholar 

  16. Y. Gertner, Y. Ishai, E. Kushilevitz, and T. Malkin. Protecting data privacy in private inforomation retrieval schemes. In Proc. 31th Annual ACM Symposium on Theory of Computing, pages 151–160, 1998.

    Google Scholar 

  17. O. Goldreich, S. Micali, and A. Wigderson. How to play any mental game or a completeness theorem for protocols with and honest majority. In Proc. 19th Annual ACM Symposium on Theory of Computing, pages 218–229, 1987.

    Google Scholar 

  18. D. Goldschlag, M. Reed, and P. Syverson. Onion routing for anonymous and private Internet connections. Communications of the ACM, 42(2):39–41, 1999.

    Article  Google Scholar 

  19. J. Kilian and F.T. Leighton. Fair cryptosystems, revisited. In Proc. EUROCRYPT’ 95, volume 963 of LNCS, pages 208–220. Springer-Verlag, 1995.

    Google Scholar 

  20. J. Kilian and E. Petrank. Identity escrow. In Proc. CRYPTO’ 98, volume 1462 of LNCS, pages 169–185. Springer-Verlag, 1998.

    Google Scholar 

  21. A. Kiayias and M. Yung. Secure games with polynomial expressions. In ICALP’ 01, pages 939–950, 2001.

    Google Scholar 

  22. Y. Lindell and B. Pinkas. Privacy preserving data mining. In Proc. CRYPTO’ 00, volume 1880 of LNCS, pages 36–47. Springer-Verlag, 2000.

    Google Scholar 

  23. S. Micali. Fair public-key cryptosystems. In Proc. CRYPTO’ 92, volume 740 of LNCS, pages 113–138. Springer-Verlag, 1992.

    Google Scholar 

  24. M. Naor and B. Pinkas. Oblivious transfer and polynomial evaluation. In Proc. 31th Annual ACM Symposium on Theory of Computing, pages 245–254, 1998.

    Google Scholar 

  25. C.P. Schnorr. Efficient signature generation by smart cards. J. Cryptology, 4(3):161–174, 1991.

    Article  MATH  MathSciNet  Google Scholar 

  26. A. Shamir. How to share a secret. Communications of the ACM, 22(11):612–613, 1979.

    Article  MATH  MathSciNet  Google Scholar 

  27. D.X. Song, D. Wagner, and A. Perrig. Practical techniques for searches on encrypted data. In Proc. IEEE Symposium on Security and Privacy, pages 44–55, 2000.

    Google Scholar 

  28. A.C. Yao. Protocols for secure computations. In Proc. 23rd IEEE Symposium on Foundations of Comp. Science, pages 160–164, 1982.

    Google Scholar 

  29. A. Young and M. Yung. Auto-recoverable and auto-certifiable cryptosystems. In Proc. EUROCRYPT’ 98, volume 1043 of LNCS pages 17–31. Springer-Verlag, 1998.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Computer Science Department, Stanford University, 94305, Stanford, CA, USA

    Stanislaw Jarecki

  2. SRI International, 333 Ravenswood Avenue, Menlo Park, 94025, CA, USA

    Patrick Lincoln & Vitaly Shmatikov

Authors
  1. Stanislaw Jarecki
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Patrick Lincoln
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Vitaly Shmatikov
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Keio University, 2-15-45 Mita, Minatoku, 108-8345, Tokyo, Japan

    Mitsuhiro Okada

  2. University of Pennsylvania, 200 South 33rd St., 19104, Philadelphia, PA, USA

    Benjamin C. Pierce

  3. University of Pennsylvania, 209 South 33rd St., 19104-6395, Philadelphia, PA, USA

    Andre Scedrov

  4. Keio University, 5322 Endoh, 252-8520, Fujisawa, Japan

    Hideyuki Tokuda

  5. University of Tokyo, 7-3-1 Hongo, Bunkyo-ku, 113, Tokyo, Japan

    Akinori Yonezawa

Rights and permissions

Reprints and permissions

Copyright information

© 2003 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Jarecki, S., Lincoln, P., Shmatikov, V. (2003). Negotiated Privacy. In: Okada, M., Pierce, B.C., Scedrov, A., Tokuda, H., Yonezawa, A. (eds) Software Security — Theories and Systems. ISSS 2002. Lecture Notes in Computer Science, vol 2609. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-36532-X_7

Download citation

  • DOI: https://doi.org/10.1007/3-540-36532-X_7

  • Published:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-00708-1

  • Online ISBN: 978-3-540-36532-7

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation