Abstract
Privacy Homomorphisms (PHs) are encryption functions that allow for a limited processing of encrypted data. They are of particular importance for the transformation of sensitive data that is given away to untrusted third parties for computation purposes. In this paper, we analyze the theoretical foundations of this class of functions and mark out its limitations in terms of security and functionality. We then propose the employment of PHs in two different usage environments. First, a single user wants an untrusted service provider to perform operations on encrypted data that she lacks the power or ability to compute herself. Second, a group of peers uses the services of a semi-trusted mediator who cannot be relied on in principle but who is assumed not to collude with either of the peers. In both cases, privacy is preserved by encrypting sensitive data with a PH before transferring it to the untrusted party. The results show that PHs can be usefully employed in both situations although their firm theoretical limitations inhibit general-purpose use.
This research was supported by the Deutsche Forschungsgemeinschaft, GRK 316/3.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Asonov, D., Freytag, J.C.: Almost optimal private information retrieval. In: Dingledine, R., Syverson, P.F. (eds.) PET 2002. LNCS, vol. 2482, pp. 209–223. Springer, Heidelberg (2003)
Beaver, D.: Commodity-based cryptography. In: Proceedings of the ACM STOC Conference, El Paso, USA (1997)
Boyens, C., Günther, O.: Trust is not enough: Privacy and security in ASP and web service environments. In: Manolopoulos, Y., Návrat, P. (eds.) ADBIS 2002. LNCS, vol. 2435, p. 8. Springer, Heidelberg (2002)
Boyens, C., Günther, O.: Using online services in untrusted environments - a privacy-preserving architecture. In: Proceedings of the European Conference on Information Systems (ECIS), Naples, Italy (2003) (to appear)
Brickell, E., Yacobi, Y.: On privacy homomorphisms. In: Price, W.L., Chaum, D. (eds.) EUROCRYPT 1987. LNCS, vol. 304, pp. 117–125. Springer, Heidelberg (1988)
Chor, B., Goldreich, O., Kushilevitz, E., Sudan, M.: Private information retrieval. In: Proceedings of the 36th IEEE Conference on Foundations of Computer Science, pp. 41–50. IEEE Press, New York (1995)
Chowdhury, S.D., Duncan, G., Krishnan, R., Roehrig, S., Mukherjee, S.: Disclosure detection in multivariate categorical databases: auditing confidentiality protection through two new matrix operators. Management Science 45(12) (December 1999)
Domingo-Ferrer, J., Herrera-Joancomarti, J.: A privacy homomorphism allowing field operations on encrypted data. Jornades de Matematica Discreta i Algorismica, Barcelona (1999)
Feigenbaum, J., Freedman, M., Sander, T., Shostack, A.: Privacy engineering for digital rights management systems. In: Digital Rights Management Workshop, pp. 76–105 (2001)
Goldreich, O.: Secure multi-party computation. Working Draft (1998)
Rivest, R., Adleman, L., Dertouzos, M.: On data banks and privacy homomorphisms. In: Foundations of Secure Computation. Academic Press, New York (1978)
Rivest, R., Shamir, A., Adleman, L.: A method for obtaining digital signatures and public key cryptosystems. Communications of the ACM 21(2) (1978)
Smith, S.W., Weingart, S.H.: Building a high-performance, programmable secure coprocessor. Computer Networks, Special Issue on Computer Network Security 31, 831–860 (1999)
Stallings, W.: Cryptography and Network Security: Principles and Practice. Prentice-Hall, Englewood Cliffs (1999)
Sweeney, L.: Computational Disclosure Control: A Primer on Data Privacy Protection. PhD thesis, Massachusetts Institute of Technology (2001)
Willenborg, L., de Waal, T.: Elements of Statistical Disclosure Control. Addison-Wesley, Reading (2001)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2003 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Boyens, C., Fischmann, M. (2003). Profiting from Untrusted Parties in Web-Based Applications. In: Bauknecht, K., Tjoa, A.M., Quirchmayr, G. (eds) E-Commerce and Web Technologies. EC-Web 2003. Lecture Notes in Computer Science, vol 2738. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-45229-4_22
Download citation
DOI: https://doi.org/10.1007/978-3-540-45229-4_22
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-40808-6
Online ISBN: 978-3-540-45229-4
eBook Packages: Springer Book Archive