Abstract
The privacy protection has recently become a hot topic because of the increase in cyber-crime (using personal data for mounting attacks) as well as legal obligations for parties controlling personal data (eg. GDPR regulation of European Union). This creates a big market for pragmatic technical solutions.
In this paper we discuss a few general issues related to these problems, focused on current challenges and the necessity of paradigm shifting in the construction of IT systems, which should be secure-by-design in a demonstrable way.
Supported by Polish National Science Centre grant OPUS, no. 2014/15/B/ST6/02837.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
The European Parliament and the Council of the European Union: Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/ec (General Data Protection Regulation). Off. J. Eur. Union 119
The European Parliament and the Council of the European Union: Regulation (EU) No 910/2014 of the European Parliament and of the Council of 23 July 2014 on electronic identification and trust services for electronic transactions in the internal market and repealing Directive 1999/93/ec (2014). http://eur-lex.europa.eu/legal-content/EN/TXT/?uri=uriserv:OJ.L_.2014.257.01.0073.01.ENG
Microsoft: U-Prove. Webpage of the project. Accessed 2017
IBM: Idemix. Webpage of the project. Accessed 2017
BSI: Technical guideline tr-03110 v2.21 - advanced security mechanisms for machine readable travel documents and eidas token (2016). https://www.bsi.bund.de/EN/Publications/TechnicalGuidelines/TR03110/BSITR03110.html
Camenisch, J., Lehmann, A.: (Un)linkable pseudonyms for governmental databases, pp. 1467–1479. [17]
Bringer, J., Chabanne, H., Lescuyer, R., Patey, A.: Efficient and strongly secure dynamic domain-specific pseudonymous signatures for ID documents. In: Christin, N., Safavi-Naini, R. (eds.) FC 2014. LNCS, vol. 8437, pp. 255–272. Springer, Heidelberg (2014)
Kluczniak, K.: Anonymous authentication using electronic identity documents. Ph.D. dissertation, Institute of Computer Science, Polish Academy of Sciences (2016)
Popoveniuc, S., Kelsey, J., Regenscheid, A., Vora, P.L.: Performance requirements for end-to-end verifiable elections. In: Jones, D.W., Quisquater, J., Rescorla, E. (eds.) 2010 Electronic Voting Technology Workshop/Workshop on Trustworthy Elections, EVT/WOTE 2010, Washington, D.C., USA, 9–10 August 2010. USENIX Association (2010)
Gogolewski, M., Klonowski, M., Kubiak, P., Kutyłowski, M., Lauks, A., Zagórski, F.: Kleptographic attacks on e-voting schemes. In: Müller, G. (ed.) ETRICS 2006. LNCS, vol. 3995, pp. 494–508. Springer, Heidelberg (2006). https://doi.org/10.1007/11766155_35
Ateniese, G., Magri, B., Venturi, D.: Subversion-resilient signature schemes, pp. 364–375. [17]
Tang, Q., Yung, M.: Cliptography: post-snowden cryptography. In: Thuraisingham, B.M., Evans, D., Malkin, T., Xu, D. (eds.) Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, CCS 2017, Dallas, TX, USA, 30 October–03 November 2017, pp. 2615–2616. ACM (2017)
Hanzlik, L., Kluczniak, K., Kutyłowski, M.: Controlled randomness – a defense against backdoors in cryptographic devices. In: Phan, R.C.-W., Yung, M. (eds.) Mycrypt 2016. LNCS, vol. 10311, pp. 215–232. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-61273-7_11
Hanzlik, L., Kubiak, P., Kutylowski, M.: Tracing attacks on U-prove with revocation mechanism: tracing attacks for U-prove. In: Bao, F., Miller, S., Zhou, J., Ahn, G. (eds.) Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security, ASIA CCS 2015, Singapore, 14–17 April 2015, pp. 603–608. ACM (2015)
Baldimtsi, F., Camenisch, J., Hanzlik, L., Krenn, S., Lehmann, A., Neven, G.: Recovering lost device-bound credentials. In: Malkin, T., Kolesnikov, V., Lewko, A.B., Polychronakis, M. (eds.) ACNS 2015. LNCS, vol. 9092, pp. 307–327. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-28166-7_15
ISO/IEC JTC1 SC17 WG3/TF5 for the International Civil Aviation Organization: Supplemental access control for machine readable travel documents. Technical report (2014) version 1.1, April 2014
Ray, I., Li, N., Kruegel, C. (eds.): Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, Denver, CO, USA, 12–6 October 2015. ACM (2015)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer International Publishing AG, part of Springer Nature
About this paper
Cite this paper
Kutyłowski, M. (2018). On Crossroads of Privacy Protection. In: Chen, X., Lin, D., Yung, M. (eds) Information Security and Cryptology. Inscrypt 2017. Lecture Notes in Computer Science(), vol 10726. Springer, Cham. https://doi.org/10.1007/978-3-319-75160-3_2
Download citation
DOI: https://doi.org/10.1007/978-3-319-75160-3_2
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-75159-7
Online ISBN: 978-3-319-75160-3
eBook Packages: Computer ScienceComputer Science (R0)