Privacy Preserving Data Mining within Anonymous Credential Systems

Authors:
Aggelos Kiayias;Shouhuai Xu;Moti Yung
Affiliations:
Computer Science and Engineering, University of Connecticut, Storrs, USA;University of Texas, San Antonio, USA;Google Inc. and Computer Science, Columbia University, New York, NY, USA
Venue:
SCN '08 Proceedings of the 6th international conference on Security and Cryptography for Networks
Year:
2008

Citing 22
Cited 0

Security without identification: transaction systems to make big brother obsolete

Communications of the ACM
Showing credentials without identification. Signatures transferred between unconditionally unlinkable pseudonyms

Proc. of a workshop on the theory and application of cryptographic techniques on Advances in cryptology---EUROCRYPT '85
How to prove yourself: practical solutions to identification and signature problems

Proceedings on Advances in cryptology---CRYPTO '86
How to share a secret

Communications of the ACM
A verifiable secret shuffle and its application to e-voting

CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
Privacy Preserving Data Mining

CRYPTO '00 Proceedings of the 20th Annual International Cryptology Conference on Advances in Cryptology
An Efficient Scheme for Proving a Shuffle

CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
Untraceable Electronic Cash

CRYPTO '88 Proceedings of the 8th Annual International Cryptology Conference on Advances in Cryptology
A Verifiable Secret Shuffle of Homomorphic Encryptions

PKC '03 Proceedings of the 6th International Workshop on Theory and Practice in Public Key Cryptography: Public Key Cryptography
A Practical and Provably Secure Coalition-Resistant Group Signature Scheme

CRYPTO '00 Proceedings of the 20th Annual International Cryptology Conference on Advances in Cryptology
Privacy-enhancing k-anonymization of customer data

Proceedings of the twenty-fourth ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
A DoS-limiting network architecture

Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
Privacy-preserving distributed k-means clustering over arbitrarily partitioned data

Proceedings of the eleventh ACM SIGKDD international conference on Knowledge discovery in data mining
How to win the clonewars: efficient periodic n-times anonymous authentication

Proceedings of the 13th ACM conference on Computer and communications security
Efficient and secure source authentication with packet passports

SRUTI'06 Proceedings of the 2nd conference on Steps to Reducing Unwanted Traffic on the Internet - Volume 2
A practical scheme for non-interactive verifiable secret sharing

SFCS '87 Proceedings of the 28th Annual Symposium on Foundations of Computer Science
Fair blind signatures

EUROCRYPT'95 Proceedings of the 14th annual international conference on Theory and application of cryptographic techniques
Secure distributed key generation for discrete-log based cryptosystems

EUROCRYPT'99 Proceedings of the 17th international conference on Theory and application of cryptographic techniques
Foundations of group signatures: formal definitions, simplified requirements, and a construction based on general assumptions

EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
Privacy-preserving set operations

CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
Compact e-cash

EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Unclonable group identification

EUROCRYPT'06 Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques

Quantified Score

Hi-index	0.00

Visualization

Abstract

Regular (non-private) data mining can be applied to manage and utilize accumulated transaction data. For example, the accumulated relative service time per user per month can be calculated given individual transaction data from which the user compliance with a service agreement can be determined and possibly billing can be processed. Nevertheless, due to user privacy concerns, cryptographic research developed transactions based on unlinkable anonymous credentials. Given the nature of anonymous credentials the ease of managing accumulated data (e.g., per user) is lost. To restore the possibility of management and accumulation of data it seems that a suitable form of privacy preserving data mining is needed. Indeed, privacy preserving data mining methods have been suggested for various protocols and interactions where individual data can be contributed in an encrypted form, but not within the context of anonymous credentials. Given our motivation we suggest a new notion of performing "privacy preserving data mining within the context of anonymous cryptographic credential systems," so as to protect both the privacy of individually contributed data and the identity of their sources while revealing only what is needed. To instantiate our approach we focus on a primitive we call "data mining group signatures" (DMGS), where it is possible for a set of authorities to employ distributed quorum control for conducting privacy preserving data mining operations on a batch of transactions while preserving maximum possible anonymity. We define and model the new primitive and its security goals, we then present a construction and finally show its privacy and security properties. Along the way we build a methodology that safely combines multi-server protocols as sub-procedures in a more general setting.