Results 1  10
of
44
Toward privacy in public databases
, 2005
"... We initiate a theoretical study of the census problem. Informally, in a census individual respondents give private information to a trusted party (the census bureau), who publishes a sanitized version of the data. There are two fundamentally conflicting requirements: privacy for the respondents an ..."
Abstract

Cited by 107 (10 self)
 Add to MetaCart
(Show Context)
We initiate a theoretical study of the census problem. Informally, in a census individual respondents give private information to a trusted party (the census bureau), who publishes a sanitized version of the data. There are two fundamentally conflicting requirements: privacy for the respondents and utility of the sanitized data. Unlike in the study of secure function evaluation, in which privacy is preserved to the extent possible given a specific functionality goal, in the census problem privacy is paramount; intuitively, things that cannot be learned “safely ” should not be learned at all. An important contribution of this work is a definition of privacy (and privacy compromise) for statistical databases, together with a method for describing and comparing the privacy offered by specific sanitization techniques. We obtain several privacy results using two different sanitization techniques, and then show how to combine them via cross training. We also obtain two utility results involving clustering.
On the Computational Practicality of Private Information Retrieval
 In Proceedings of the Network and Distributed Systems Security Symposium, 2007. Stony Brook Network Security and Applied Cryptography Lab Tech Report
, 2007
"... We explore the limits of singleserver computational private information retrieval (PIR) for the purpose of preserving client access patterns leakage. We show that deployment of nontrivial single server PIR protocols on real hardware of the recent past would have been orders of magnitude less time ..."
Abstract

Cited by 85 (8 self)
 Add to MetaCart
(Show Context)
We explore the limits of singleserver computational private information retrieval (PIR) for the purpose of preserving client access patterns leakage. We show that deployment of nontrivial single server PIR protocols on real hardware of the recent past would have been orders of magnitude less timeefficient than trivially transferring the entire database. We stress that these results are beyond existing knowledge of mere “impracticality ” under unfavorable assumptions. They rather reflect an inherent limitation with respect to modern hardware, likely the result of a communicationcost centric protocol design. We argue that this is likely to hold on nonspecialized traditional hardware in the foreseeable future. We validate our reasoning in an experimental setup on modern offtheshelf hardware. Ultimately, we hope our results will stimulate practical designs. 1
Building Castles out of Mud: Practical Access Pattern Privacy and Correctness on Untrusted Storage
"... We introduce a new practical mechanism for remote data storage with efficient access pattern privacy and correctness. A storage client can deploy this mechanism to issue encrypted reads, writes, and inserts to a potentially curious and malicious storage service provider, without revealing informatio ..."
Abstract

Cited by 81 (4 self)
 Add to MetaCart
(Show Context)
We introduce a new practical mechanism for remote data storage with efficient access pattern privacy and correctness. A storage client can deploy this mechanism to issue encrypted reads, writes, and inserts to a potentially curious and malicious storage service provider, without revealing information or access patterns. The provider is unable to establish any correlation between successive accesses, or even to distinguish between a read and a write. Moreover, the client is provided with strong correctness assurances for its operations – illicit provider behavior does not go undetected. We built a first practical system – orders of magnitude faster than existing implementations – that can execute over several queries per second on 1Tbyte+ databases with full computational privacy and correctness. Categories andSubject Descriptors H.3.4 [Information Storage and Retrieval]: Systems
Towards 3Query Locally Decodable Codes of Subexponential Length
, 2008
"... A qquery Locally Decodable Code (LDC) encodes an nbit message x as an Nbit codeword C(x), such that one can probabilistically recover any bit xi of the message by querying only q bits of the codeword C(x), even after some constant fraction of codeword bits has been corrupted. We give new const ..."
Abstract

Cited by 72 (6 self)
 Add to MetaCart
A qquery Locally Decodable Code (LDC) encodes an nbit message x as an Nbit codeword C(x), such that one can probabilistically recover any bit xi of the message by querying only q bits of the codeword C(x), even after some constant fraction of codeword bits has been corrupted. We give new constructions of three query LDCs of vastly shorter length than that of previous constructions. Specifically, given any Mersenne prime p = 2t −1, we design three query LDCs of length N = exp(O(n1/t)), for every n. Based on the largest known Mersenne prime, this translates to a length of less than exp(O(n10−7)), compared to exp(O(n1/2)) in the previous constructions. It has often been conjectured that there are infinitely many Mersenne primes. Under this conjecture, our constructions yield three query locally decodable codes of length N = exp(nO ( 1log log n)) for infinitely many n. We also obtain analogous improvements for Private Information Retrieval (PIR) schemes. We give 3server PIR schemes with communication complexity of O(n10−7) to access an nbit database, compared to the previous best scheme with complexity O(n1/5.25). Assuming again that there are infinitely many Mersenne primes, we get 3server PIR schemes of communication complexity n O ( 1log log n) for infinitely many n. Previous families of LDCs and PIR schemes were based on the properties of lowdegree multivariate polynomials over finite fields. Our constructions are completely different and are obtained by constructing a large number of vectors in a small dimensional vector space whose inner products are restricted to lie in an algebraically nice set.
Some Applications of Coding Theory in Computational Complexity
, 2004
"... Errorcorrecting codes and related combinatorial constructs play an important role in several recent (and old) results in computational complexity theory. In this paper we survey results on locallytestable and locallydecodable errorcorrecting codes, and their applications to complexity theory ..."
Abstract

Cited by 65 (2 self)
 Add to MetaCart
(Show Context)
Errorcorrecting codes and related combinatorial constructs play an important role in several recent (and old) results in computational complexity theory. In this paper we survey results on locallytestable and locallydecodable errorcorrecting codes, and their applications to complexity theory and to cryptography.
On PrivacyPreserving Histograms
"... We advance the approach initiated by Chawla et al. for sanitizing (census) data so as to preserve the privacy of respondents while simultaneously extracting "useful " statistical information. First, we extend the scope of their techniques to a broad and rich class of distributions ..."
Abstract

Cited by 20 (4 self)
 Add to MetaCart
(Show Context)
We advance the approach initiated by Chawla et al. for sanitizing (census) data so as to preserve the privacy of respondents while simultaneously extracting &quot;useful &quot; statistical information. First, we extend the scope of their techniques to a broad and rich class of distributions, specifically, mixtures of highdeminsional balls, spheres, Gaussians, and other &quot;nice &quot; distributions. Second, we randomize the histogram constructions to preserve spatial characteristics of the data, allowing us to approximate various quantities of interest, such as the cost of the minimum spanning tree on the data, in a privacypreserving fashion.
Private Web Search
, 2007
"... Web search is currently a source of growing concern about personal privacy. It is an essential and central part of most users ’ activity online and therefore one through which a significant amount of personal information may be revealed. To help users protect their privacy, we have designed and impl ..."
Abstract

Cited by 20 (3 self)
 Add to MetaCart
(Show Context)
Web search is currently a source of growing concern about personal privacy. It is an essential and central part of most users ’ activity online and therefore one through which a significant amount of personal information may be revealed. To help users protect their privacy, we have designed and implemented Private Web Search (PWS), a usable clientside tool that minimizes the information that users reveal to a search engine. Our tool protects users against attacks that involve active components and timing information, to which more general Webbrowsing privacy tools (including the combination of FoxTor and Privoxy) are vulnerable. PWS is a Firefox plugin that functions as an HTTP proxy and as a client for the Tor anonymity network. It configures Firefox so that search queries executed from the PWS search box are routed through the HTTP proxy and Tor client, filtering potentially sensitive or identifying components of the request and response.
Entanglementresistant twoprover interactive proof systems and nonadaptive private information retrieval systems
, 2007
"... Abstract. We show that every language in NP is recognized by a twoprover interactive proof system with the following properties. The proof system is entanglementresistant (i.e., its soundness is robust against provers who have prior shared entanglement), it has two provers and one round of interac ..."
Abstract

Cited by 16 (1 self)
 Add to MetaCart
Abstract. We show that every language in NP is recognized by a twoprover interactive proof system with the following properties. The proof system is entanglementresistant (i.e., its soundness is robust against provers who have prior shared entanglement), it has two provers and one round of interaction, the provers ’ answers are single bits, and the completenesssoundness gap is constant (formally, NP ⊆ ⊕MIP ∗ 1−ε,1/2+ε[2], for any ε such that 0 < ε < 1/4). Our result is based on the “oracularizing ” property of a particular private information retrieval scheme (PIR), and it suggests that investigating related properties of other PIRs might bear further fruit. 1
New constructions for queryefficient locally decodable codes of subexponential length
 IEICE Transactions on Information and Systems
"... is an errorcorrecting code that encodes each message ⃗x = (x1, x2,...,xn) ∈ Fn q to a codeword C(⃗x) ∈ FNq and has the following property: For any ⃗y ∈ FN q such that d(⃗y, C(⃗x)) ≤ δN and each 1 ≤ i ≤ n, the symbol xi of ⃗x can be recovered with probability at least 1−ε by a randomized decoding ..."
Abstract

Cited by 16 (0 self)
 Add to MetaCart
is an errorcorrecting code that encodes each message ⃗x = (x1, x2,...,xn) ∈ Fn q to a codeword C(⃗x) ∈ FNq and has the following property: For any ⃗y ∈ FN q such that d(⃗y, C(⃗x)) ≤ δN and each 1 ≤ i ≤ n, the symbol xi of ⃗x can be recovered with probability at least 1−ε by a randomized decoding algorithm looking only at k coordinates of ⃗y. The efficiency of a (k, δ, ε)locally decodable code C: Fn q → FN q is measured by the code length N and the Abstract: A (k, δ, ε)locally decodable code C: F n q → FN q number k of queries. For any kquery locally decodable code C: Fn q → FNq, the code length N is conjectured to be exponential of n, i.e., N = exp(nΩ(1)), however, this was disproved. Yekhanin [In Proc. such that of STOC, 2007] showed that there exists a 3query locally decodable code C: Fn 2 → FN2 N = exp(n (1 / log log n) ) assuming that the number of Mersenne primes is infinite. For a 3query locally decodable code C: Fn q → FN q, Efremenko [ECCC Report No.69, 2008] reduced the code length further to N = exp(nO((log log n/log n)1/2)), and also showed that for any integer r> 1, there exists a kquery locally decodable code C: Fn q → FN q such that k ≤ 2r and N = exp(nO((log log n/log n)1−1/r)). In this paper, we present a queryefficient locally decodable code by introducing a technique of “composition of locally decodable codes, ” and show that for any integer r> 1, there exists a kquery locally decodable code C: Fn q → FNq such that k ≤ 3 · 2r−2 and N = exp(nO((log log n/log n)1−1/r)). Keywords: Locally Decodable Codes, SMatching Vectors, SDecoding Polynomials, Composition of Locally Decodable Codes, Perfectly Smooth Decoders, Private Information Retrieval.
Query privacy in wireless sensor networks
"... Abstract — Existing mechanisms for querying wireless sensor networks leak client interests to the servers performing the queries. The leaks are not only in terms of specific regions but also of client access patterns. In this paper we introduce the problem of preserving the privacy of clients queryi ..."
Abstract

Cited by 15 (0 self)
 Add to MetaCart
(Show Context)
Abstract — Existing mechanisms for querying wireless sensor networks leak client interests to the servers performing the queries. The leaks are not only in terms of specific regions but also of client access patterns. In this paper we introduce the problem of preserving the privacy of clients querying a wireless sensor network owned by untrusted organizations. We investigate two architectures and their corresponding trust models. For the first model, consisting of multiple, mutually distrusting servers governing the network, we devise an efficient protocol, SPYC, and show that it provides full query privacy. For the second model, where all queries are performed through a single server, we introduce two metrics for quantifying the privacy achieved by a client’s query sequence. We propose a suite of practical algorithms, then analyze the privacy and efficiency levels they provide. Our TOSSIM simulations show that the proposed query mechanisms are communication efficient while significantly improving client query privacy levels. I.