Security without identification: transaction systems to make big brother obsolete
Communications of the ACM
Protecting data privacy in private information retrieval schemes
STOC '98 Proceedings of the thirtieth annual ACM symposium on Theory of computing
Untraceable electronic mail, return addresses, and digital pseudonyms
Communications of the ACM
Rethinking Public Key Infrastructures and Digital Certificates: Building in Privacy
Rethinking Public Key Infrastructures and Digital Certificates: Building in Privacy
Wallet Databases with Observers
CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
Replication is not needed: single database, computationally-private information retrieval
FOCS '97 Proceedings of the 38th Annual Symposium on Foundations of Computer Science
Practical Techniques for Searches on Encrypted Data
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
Data collection with self-enforcing privacy
Proceedings of the 13th ACM conference on Computer and communications security
Single database private information retrieval implies oblivious transfer
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
Collusion-Free policy-based encryption
ISC'06 Proceedings of the 9th international conference on Information Security
Policy-based cryptography and applications
FC'05 Proceedings of the 9th international conference on Financial Cryptography and Data Security
An oblivious transfer protocol with log-squared communication
ISC'05 Proceedings of the 8th international conference on Information Security
Efficient Multi-authorizer Accredited Symmetrically Private Information Retrieval
ICICS '08 Proceedings of the 10th International Conference on Information and Communications Security
Private predictions on hidden Markov models
Artificial Intelligence Review
Hi-index | 0.00 |
With the digitization of society and the continuous migration of services to the electronic world, individuals have lost significant control over their data. In this paper, we consider the problem of protecting personal information subjects. More specifically, we propose a new primitive allowing a data subject to decide when, how, and by whom his data can be accessed, without the database manager learning anything about his identity, at the time the data is retrieved. The proposed solution, which we call Accredited SPIR, combines symmetrically private information retrieval and privacy-preserving digital credentials. We present three constructions based on the discrete logarithm and RSA problems. Despite the added privacy safeguards, the extra cost incurred by our constructions is negligeable compared to that of the underlying building blocks.