Download Privacy-Preserving Applications on Smartphones Yan Huang

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
page
13
page
14
page
15
page
16
page
17
page
18
page
19
page
20
page
21
page
22
page
23
page
24
page
25
page
26
page
27
page
28
page
29
Document related concepts

IEEE 1355 wikipedia , lookup

Internet protocol suite wikipedia , lookup

UniPro protocol stack wikipedia , lookup

Transcript 
Privacy-Preserving
Applications on
Smartphones
Yan Huang
Peter Chapman
David Evans
University of Virginia
HotSec '11
August 9, 2011
http://www.MightBeEvil.com
What's on your phone?
Contacts
Email
Location History
Genome
(maybe next year)
Pictures
Banking & Payment
Mutual Contact Discovery
Someone nearby
also knows Alice
and 8 other
contacts of yours!
Bob
Discover
!
Transfer entire (hashed)
contact list between
devices?
Alice
Mutual Contact Discovery
Someone nearby
also knows Alice
and 8 other
contacts of yours!
Bob
Discover
!
Sharing contact list with a
stranger is unacceptable
Alice
The Dilemma
Can we interact with others and
control our data?
Trust a Third Party?
June 2011
1.3 Million
April 2011
2,500 Corporate Clients
June 2011
200,000
April 2011
70 Million
June 2011
25 Million
Secure Two-Party Computation
Bob (circuit evaluator)
Alice (circuit generator)
Private Data: a
Private Data: b
Garbled Circuit
Protocol
Semi-honest threat model
Andrew Yao, 1982/1986
Potential Applications
Two Party
Multi-Party
Common Contacts
Favorite Workshop Papers
Voting, Auctions & more!
g
n
i
s
i
t
r
e
v
d
A
d
e
t
e
g
ar
T
r
e
Hyp
Collaborative Scheduling
Potential Applications
User-Initiated (Explicit) Automatic (Background)
Voting, Auctions & more!
Favorite Workshop Papers
Collaborative Scheduling
CommonContacts
Hyper-Targeted Advertising
Implementing
Privacy-Preserving Applications
Secure-Computation Framework
Java-Based Pipelined Circuit Execution
Garbled Circuit Free XOR
Framework Circuit-Level Optimizations
See our talk in the Friday, 5 PM Applied Cryptography
USENIX Security technical session:
Faster Secure Two-Party Computation Using
Garbled Circuits
Yan Huang, David Evans, Jonathan Katz, & Lior Malka
Available now:
http://mightbeevil.org/framework/
Porting the Framework
100 non-free gates per second:
1000 times slower than desktop!
No cryptographic
hardware modules.
We thank Google for the Nexus One phones!
Common Contacts
Search for mutually
shared contacts, without
leaking others.
128 contacts compared
in 150 seconds
24-bit Hashes of Email and
Phone Numbers
Sort-Compare-Shuffle to do
private set intersection in
O(n log n)
Improving Mobile Performance
Java's immutable BigInteger causes 1/2 of time to be spent on GC
Improving Mobile Performance
Poster and Demo: More Efficient Secure
Computation on Smartphones
Sang Koo, Yan Huang, Peter Chapman, and David Evans
(Thursday, 6PM California East/West)
Java's immutable BigInteger causes 1/2 of time to be spent on GC
Future Optimization: RenderScript
C99 with extensions
Runs on either CPU or GPU
depending on complexity
Future Directions
Stronger Adversaries
Semi-Honest (Honest But Curious) Adversary
Adversary follows the protocol as specified (!)
Curious adversary tries to learn more from
protocol execution transcript.
Stronger Adversaries
Semi-Honest (Honest But Curious) Adversary
Adversary follows the protocol as specified (!)
Curious adversary tries to learn more from
protocol execution transcript.
Semi-Honest Good Enough?
Stronger Adversaries
Semi-Honest (Honest But Curious) Adversary
Adversary follows the protocol as specified (!)
Curious adversary tries to learn more from
protocol execution transcript.
Semi-Honest Good Enough?
Software Based Attestation?
Leveraging the Carrier
Any new peers
nearby?
Carriers can identify
and locate devices on
their networks.
OS Support for Secure Computation
Secure Apps
Common
Contacts
OS/Standardized
Displays
Private data
restricted to secure
computation by OS
Summary
●
●
Useful applications that
are “social” and
cryptographically protect
privacy.
Performance challenges,
open research questions,
and deployment hurdles
remain.
http://MightBeEvil.com/mobile/
User-Friendly Secure Computation
User Education
OS/Standardized
Displays
Private data
restricted to secure
computation by OS
Application Development
Now: Privacy-Preserving
computations as a concept
must break out of academia
Proper education
about data leakage
and threat mode
+2 Years: Secure
Computation Library
Development
Share Sub-circuits &
Components
+5 Years:
Automatic Source
Conversion with
Privacy-Preserving
Functionality
Heterozygous Recessive Risk
Bob
Alice
A
a
A
AA
Aa
a
aA
aa
Noncarrier: 25%
Just Carrier: 50%
Disease: 25%
cystic fibrosis
Goal: Compute overall risk across a range of diseases
Background Secure Computations
the
o
t
e go ?
w
rs
Do
a
b
e
sam
Do w
e
same share the
inter
ests?
I just watched all
of Arrested
Development on
Hulu, got any
deals?
Must cap repeated
executions
Related documents
Definition of `civil resistance`
Definition of `civil resistance`
2011 Technology Preview
2011 Technology Preview
A second look at Shoup`s lemma - Prosecco
A second look at Shoup`s lemma - Prosecco
National Business Education Standards
National Business Education Standards
Tutorial 2: Exercises
Tutorial 2: Exercises
CSE1010 Computer Science 1
CSE1010 Computer Science 1
biological sequence analysis
biological sequence analysis
Patient Information Form
Patient Information Form
How Others Compromise Your Location Privacy
How Others Compromise Your Location Privacy
Spark suppression - Illinois Capacitor
Spark suppression - Illinois Capacitor
Helping Your Children Develop Positive Attitudes About Math
Helping Your Children Develop Positive Attitudes About Math
conjugacy search problem in public key cryptography
conjugacy search problem in public key cryptography
Document
Document
RSA: 1977--1997 and beyond
RSA: 1977--1997 and beyond
pdf
pdf
Introduction to Operations Security (OPSEC)
Introduction to Operations Security (OPSEC)
Dude, where’s that IP? Circumventing measurement-based IP geolocation
Dude, where’s that IP? Circumventing measurement-based IP geolocation